I was trying to use "su - <account>" but it prompts me for password in interactive mode. How do I write main.sh script that executes various commands by logging in as different accounts and login profiles. Is there a way to automatically redirect the password for "su" command to accept the password.
Please guide me further...
Thanks...
It is very difficult to redirect a password into su and this is intentional. Storing passwords and automatically logging into accounts is very dangerous and often a bad idea.
sudo can be configured to login without passwords, it is very flexible; but be careful to only give such permissions in a very limited and specific way.
Hi,
I already tried using sudo but i don't have access to it,so that's why i am compelled to use it with su..
Is there no way out by which we can pass the password along with the username while using su....
What you could do is make "root" the owner of the file (and chmod 500), and then run your script. It won't prompt "root" for passwords.
Hi,
I can't make the roort owner of the file as I don't have rights to do so.
Is there no other alternative to do so???
I have heard about expect utility ,but it also works for root only.
Can anyone give any solution to the problem ?
thanks in advance...
Can anyone help me for the above??
I am unable to implement the logic of expect in my script.
Any help of whatsoever magnitude may prove very useful..
Thanks in advance...
Instead of using su or sudo, you could use ssh with key-based authentication. See my reply on a similar thread here:
Hi Auto cross,
Thxs for replying.
But could you please be a little more descriptive about how to use ssh with key-based authentication as I tried manning it and searching it in google but was unable to implement the same in my script.
So ,could you please elaborate a little more about this procedure.
MAny Thanks.
Here's an article that explains how to setup key-based authentication:
Linux.com :: Using key-based authentication over SSH
You may want to google around for other examples if this one doesn't work for you.
After the public key for USER_A has been created and appended to the authorized_keys file of USER_B, you can run local scripts like this:
As USER_A:
ssh USER_B@localhost /path/to/script
You would need to copy the public key to each user's authorized_keys file that you wish to execute commands as.
I should not give you my dirty tricks...
Watch:
ant:/rdm/users/jju $ remsh ant -l vbe
Please wait...checking for disk quotas
(c)Copyright 1983-2000 Hewlett-Packard Co., All Rights Reserved.
(c)Copyright 1979, 1980, 1983, 1985-1993 The Regents of the Univ. of California
(c)Copyright 1980, 1984, 1986 Novell, Inc.
(c)Copyright 1986-1992 Sun Microsystems, Inc.
(c)Copyright 1985, 1986, 1988 Massachusetts Institute of Technology
(c)Copyright 1989-1993 The Open Software Foundation, Inc.
(c)Copyright 1986 Digital Equipment Corp.
(c)Copyright 1990 Motorola, Inc.
(c)Copyright 1990, 1991, 1992 Cornell University
(c)Copyright 1989-1991 The University of Maryland
(c)Copyright 1988 Carnegie Mellon University
(c)Copyright 1991-2000 Mentat Inc.
(c)Copyright 1996 Morning Star Technologies, Inc.
(c)Copyright 1996 Progressive Systems, Inc.
(c)Copyright 1991-2000 Isogon Corporation, All Rights Reserved.
RESTRICTED RIGHTS LEGEND
Use, duplication, or disclosure by the U.S. Government is subject to
restrictions as set forth in sub-paragraph (c)(1)(ii) of the Rights in
Technical Data and Computer Software clause in DFARS 252.227-7013.
Hewlett-Packard Company
3000 Hanover Street
Palo Alto, CA 94304 U.S.A.
Rights for non-DOD U.S. Government Departments and Agencies are as set
forth in FAR 52.227-19(c)(1,2).
You have mail.
ant:/home/vbe $
ant:/home/vbe $ exit
logout
Connection closed.
ant:/rdm/users/jju $ id
uid=6206(jju) gid=20(users)
You've guessed?
Hi vbe,
Thanks for the reply.
As fas as I have guessed its something to do with uid.
But I am not sure how to use it.
Could you please throw some light on it??
Many Thanks
Taran
Not really...I did this to show show you (what you want...) I changed UID without being asked anything...
So,
How do you connect to a remote host without being asked anything?
(and of course is considered as a potential security breach...)
(Sorry fo the late reply, very busy lately...)
Hi vbe,
Thxs for the reply... But I am unable to comprehend what exactly do you want me to tell??
Could you please be a bit more elaborative
Many Thanks
Taran
Taran,
Can you access the accounts that you need to "su - " to legally?
If yes, then go the "ssh traded keys" route.
On most of our servers, we disable "rsh/remsh". Check it via inetadm or in /etc/inetd.conf.
OR, even though you may not have "root", you can ask your Unix engineers to chown/chmod the script once you have finished writing it.
Look at the use of .rhosts file...
Hi vbe,
Thxs for the reply.
I tried configuring .rhosts file according to my requirements but I am not authorised to add or modify anything into the same as I am not a root user.
So,could you let me know any workaround this??
Many Thanks
The ssh and remsh solutions will not work unless you have access to the other accounts or root access. Can you not login as the other accounts and configure the authorized_keys files or the .rhosts files?
Of course you can since you know the other account and have its passwd
( you connect as, then edit/create .rhosts there is not need to be root here...)