Passwordless Login between users

Hari_Ganesh · January 6, 2010, 10:41pm

Hi Gurus,

Wanted to know if there is a way to enable passwordless login between specific users in a Solaris (5.9)server.

I copied the public key of first user into the $HOME/.ssh/authorized_keys file of the second user. But it didn't work out.

Note - Am talking about users in the same server not across different servers.

incredible · January 6, 2010, 10:45pm

Check your steps (I understand that this is on the same host)
Solaris System Admin tips: SSH without password in Solaris

sudhiroracle · January 6, 2010, 10:50pm

i think a password will be setup but it can be setup as non-expiry. but not sure if a passwordless logins exist.

Hari_Ganesh · January 6, 2010, 10:54pm

Hi Incredible,

That was incredibly fast.

But when we switch to the other using using "su" command, i guess this doesn't work. Is there a way for that?

Thanks,
HG

incredible · January 6, 2010, 11:05pm

please post the output:-
su from 1st user to 2nd
id = user1
user1> su - user2

Hari_Ganesh · January 7, 2010, 12:12am

Hi

It works if you ssh from firstuser@host to seconduser@host.
It prompts for password if you su - <seconduser>

Attached is the log.
e1011605 is the first user. e1011961 is the second user.

 
mumux131 @ /users/e1011605
[12]e1011605: ssh e1011961@mumux131
Last login: Thu Jan  7 10:37:59 2010 from mumux131
You have accessed a private network. Any unauthorized entry into or use of
this system is unlawful and may result in civil and/or criminal penalties.
All system activity is logged and becomes the property of the system owner.
 
mumux131 @ /users/e1011961
[9]e1011961: exit
Connection to mumux131 closed.
mumux131 @ /users/e1011605
[13]e1011605: su - e1011961
Password:
su: Sorry
mumux131 @ /users/e1011605
[14]e1011605: mumux131 @ /users/e1011605
[14]e1011605:

HG

incredible · January 7, 2010, 1:32am

[13]e1011605: su - e1011961
Password:
su: Sorry

you using the correct password?

Hari_Ganesh · January 7, 2010, 2:06am

Hi

I think u have interpreted me wrong.
My requirement is that when first user "su" to second user,it should not prompt for password.

I have copied the public key of first user into the authorized_keys file of second user and when i "ssh" from 1st user to 2nd user,password is not prompted.
Bur when i "su" to second user from 1st user,password is being prompted.

I hope this clarifies.

Gurus,

Any others who have different ideas.

Thanks
HG

pludi · January 7, 2010, 2:23am

su is completely different from SSH. They're not even part of the same software.

su will authenticate a user against the system authorization scheme (usually using PAM), and it will always ask for a password, on every invocation.

SSH, in addition to PAM, can use a public key authentication scheme. But that's specific to SSH, and can not easily be applied to other things.

If you want to only run certain commands as another user, take a look at sudo and the NOPASSWD option.

jlliagre · January 7, 2010, 3:54am

If you wan't passwordless login between users on the same host, just have these user's keys being added to each other ~/.ssh/authorized_keys file (I understand you already did that) and run "ssh otheruser@localhost" instead of "su otheruser" to switch accounts