[HPADM] Re: expect - sudo - ssh - update
- From: Richard L Ross <rross@xxxxxxxxxx>
- Date: Fri, 25 Apr 2008 10:10:49 -0400
You could add a different public key into root's authorized_keys file that
contains 'command=' parameter. From 'man sshd'
command="command"
Specifies that the command is executed whenever this key is used
for authentication. The command supplied by the user (if any)
is
ignored. The command is run on a pty if the client requests a
pty; otherwise it is run without a tty. If an 8-bit clean
channel is required, one must not request a pty or should
specify
no-pty. A quote may be included in the command by quoting it
with a backslash. This option might be useful to restrict
certain public keys to perform just a specific operation. An
example might be a key that permits remote backups but nothing
else. Note that the client may specify TCP and/or X11
forwarding
unless they are explicitly prohibited. The command originally
supplied by the client is available in the SSH_ORIGINAL_COMMAND
environment variable. Note that this option applies to shell,
command or subsystem execution.
From: vinod kumar <vinodkumarmp@xxxxxxxxx>
To: hpux-admin@xxxxxxxxxxxxx
Date: 04/25/08 09:49 AM
Subject: [HPADM] expect - sudo - ssh - update
Most of the folks recomented sudo . most of the folks
have concern on expect .
My challenge is , I need to run a script on remote
server as root . But don't want to open root login to
the server . I guess a good way is to create a normal
user account for this purpose with ssh keys shared and
have this user in sudo file to execute the sctript .
any other/better way ?
Thanks to all replied
-vinod
--- "Marshall, Richard" <Richard.Marshall@xxxxxxxxxxx>
wrote:
Thank all who responded to my question on setting
the umask for ftpd in
the /etc/inetd.conf file. It was set to 007.
Richard W. Marshall
Senior Technical Specialist
Information Systems
richard.marshall@xxxxxxxxxxx
617-328-2921
Hours: 06:00-14:00 Mon.-Fri.
This email message is intended only for the
addressee(s) and contains information that may be
confidential.
If you are not the intended recipient please notify
the sender by reply email and immediately delete
this message.
Use, disclosure or reproduction of this email by
anyone other than the intended recipient(s) is
strictly prohibited.
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now.
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
--
---> Please post QUESTIONS and SUMMARIES only!! <---
To subscribe/unsubscribe to this list, contact majordomo@xxxxxxxxxxxxx
Name: hpux-admin@xxxxxxxxxxxxx Owner: owner-hpux-admin@xxxxxxxxxxxxx
Archives: ftp.dutchworks.nl:/pub/digests/hpux-admin (FTP, browse only)
http://www.dutchworks.nl/htbin/hpsysadmin (Web, browse & search)
- References:
- [HPADM] expect - sudo - ssh - update
- From: vinod kumar
- [HPADM] expect - sudo - ssh - update
- Prev by Date: [HPADM] expect - sudo - ssh - update
- Next by Date: [HPADM] Summary: How to verify if ftpserver & webserver are used ("last" command?)
- Previous by thread: [HPADM] expect - sudo - ssh - update
- Next by thread: [HPADM] Summary: How to verify if ftpserver & webserver are used ("last" command?)
- Index(es):
Relevant Pages
|
