[sudo-users] SUDO: NOEXEC over ssh -t user@host

Gary C. New garycnew at yahoo.com
Mon Jul 25 11:56:10 EDT 2011


Recently, I've successfully been able to implement the NOEXEC tag with the more and less commands on my localhost.  However, I'm now attempting to allow a user sudo access to a remote machine using sudo /usr/bin/ssh -t.

Example:

vi /etc/sudoers
...
gary     ALL=(gnutech) NOPASSWD:NOEXEC: /usr/bin/ssh -t guest@host more /var/logs/syslog

I'm able to remotely more the syslog, but I'm able to execute the shell escape and obtain a remote shell as the guest user.

sudo -u gnutech /usr/bin/ssh -t guest@host more /var/logs/syslog

Is it possible to enforce the NOEXEC feature remotely over ssh?

I'm using sudo-1.6.8 --with-noexec on RHEL 4.

Thank you for your assistance.

Kind Regards,


Gary
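
Added example, not part of the original post: sudo's NOEXEC works by preloading a shim into the command that sudo itself starts, so in the rule above it constrains the local ssh client, not the more process that sshd starts on the remote host. The Python audit below flags sudoers rules that pair NOEXEC with a remote-execution client. The client list, the simplified parsing (one runas group per line, no escaped commas, no #uid users) and the second sample rule are assumptions made for this example.

```python
import os
import re

# Clients whose command argument runs on another host (assumed list; extend as needed).
REMOTE_CLIENTS = {"ssh", "rsh", "remsh"}

# user host = (runas) command-list   (simplified: one runas group per line)
SPEC = re.compile(r"^(?P<user>\S+)\s+[^=\s]+\s*=\s*(?:\([^)]*\)\s*)?(?P<cmds>.+)$")
TAG = re.compile(r"^([A-Z_]+):\s*")


def audit_noexec_remote(sudoers_text):
    """Return (lineno, user, command) for NOEXEC rules that launch a remote client."""
    findings = []
    for lineno, raw in enumerate(sudoers_text.splitlines(), 1):
        line = raw.strip()
        # Skip blanks, comments/#include lines, Defaults and alias definitions.
        if not line or line.startswith(("#", "Defaults")) or "_Alias" in line.split()[0]:
            continue
        m = SPEC.match(line)
        if not m:
            continue
        noexec = False  # tags carry over to later commands until EXEC resets them
        for cmd in m.group("cmds").split(","):
            cmd = cmd.strip()
            while (t := TAG.match(cmd)):
                if t.group(1) == "NOEXEC":
                    noexec = True
                elif t.group(1) == "EXEC":
                    noexec = False
                cmd = cmd[t.end():]
            argv = cmd.split()
            if noexec and argv and os.path.basename(argv[0]) in REMOTE_CLIENTS:
                findings.append((lineno, m.group("user"), cmd))
    return findings


# Constructed sample: the first rule is the one from the post, the second is made up.
SAMPLE = """\
gary  ALL=(gnutech) NOPASSWD:NOEXEC: /usr/bin/ssh -t guest@host more /var/logs/syslog
gary  ALL=(root) NOEXEC: /bin/more /var/logs/syslog, EXEC: /usr/bin/ssh -t guest@host uptime
"""

if __name__ == "__main__":
    for lineno, user, cmd in audit_noexec_remote(SAMPLE):
        print(f"line {lineno}: NOEXEC for {user} stops at the local client: {cmd}")
```

A rule flagged this way needs its restriction applied on the remote host as well, since the local sudoers entry cannot reach processes started there.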


