|
|
Shell script, SSH and SUDO problem
|
|
|
|
Forum Regular
Join Date: Nov 2000
Location: Boston Area,ma
Status:
Offline
|
|
Hello to all:
This is the problem that I am facing. I am able to log into machien via SSH unattended but I want to run a script using SUDO. However SUDO prompts for a password.
Any ideas how to get around this. Is there someway of having the script enter the password for me or ro disable the need to be prompted.
thanks in advance.
Basically I want to write a script that logs into 25 machines and reboots them one at a time.
thanks
BostonMACOSX
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Mar 2001
Location: Provo, UT
Status:
Offline
|
|
Modify /etc/sudoers so that it doesn't ask for a password. It's less secure, obviously, but it typically the only way to deal with scripting and not putting a password in an insecure area.
man sudo for more info on how the sudoers file works. (Actually it should have the modifications in it, commented out)
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Nov 2000
Location: Boston Area,ma
Status:
Offline
|
|
Originally posted by clarkgoble:
Modify /etc/sudoers so that it doesn't ask for a password. It's less secure, obviously, but it typically the only way to deal with scripting and not putting a password in an insecure area.
man sudo for more info on how the sudoers file works. (Actually it should have the modifications in it, commented out)
Sorry for the ignorance....but what change should I make to it?
Can I limit the Sudo to a single user and not a group like admin.
thanks
|
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Oct 2001
Location: Philly
Status:
Offline
|
|
Originally posted by BostonMACOSX:
Sorry for the ignorance....but what change should I make to it?
Can I limit the Sudo to a single user and not a group like admin.
You can even limit it to a single user and command, so that user bob can log in and run shutdown as root, but nothing else. Read the manual page for the exact sytax - it should be something along the lines of
'user hostname = NOPASSWD: /sbin/shutdown'
but I don't have OSX in front of me, so I'm not 100% on that...
mathias
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: May 1999
Location: San Jose, CA
Status:
Offline
|
|
Originally posted by clarkgoble:
Modify /etc/sudoers so that it doesn't ask for a password. It's less secure, obviously, but it typically the only way to deal with scripting and not putting a password in an insecure area.
man sudo for more info on how the sudoers file works. (Actually it should have the modifications in it, commented out)
The problem isn't with sudo asking for the password, it's the remote machines asking for a password as you log in.
Even if you launch your script under sudo on your current machine, when you ssh to the first machine you'll be asked for a password again.
The easiest way to do this is to setup public key logins on each machine so that the central machine can log in using public key authentication rather than username/password.
man ssh-keygen for details on how to do this.
|
Gods don't kill people - people with Gods kill people.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|