[sudo-users] Help on ssh using sudo
anandkrish
anandkrish at outlook.com
Mon Aug 18 06:24:12 MDT 2014
Hi people,
I am kinda confused in the configuration of sudoers for one group of users
the users need to execute a app from a remote machine, in this local mahine they want me to allow ssh for them using sudo
for eg. sudo -u admin ssh -X guiadmin@<IP address of remote> <remote script which opens a gui>
should work so in the sudoers i added like this
Cmnd_Alias SSH = /usr/bin/ssh *-X guiadmin@<IP address of remote> <remote script which opens a gui>*
whats the problem with this is that even though this group of users were able to execute the application to open the GUI, but this opens up a security hole where the users are able to ssh to any server using the admin role like sudo -u admin master would work perfectly and the user is able to log into other servers without password i dont want this to happen.
is there a way i can restrict this users only to run ssh for a specific server? i did sercha bit but couldnt find a proper solution, so thought of contacting the expert.
regards,
Andy
Sent from Samsung Mobile
More information about the sudo-users
mailing list