Hi,
I have a script, 'transfer_file', that has setuid permissions set and is running on Solaris 9 and 10.
From within this script I need to run an sftp command to transfer a file to a remote server. The public keys of the script owner have been transferred to the remote server, and files and remote listings can be transferred without problem from the command prompt.
However, when the sftp command is run from within the script, it requests that a password be entered when run by another user id.
Script permissions are:
-rwsrwxr-- 1 script_owner group 1206 Apr 15 11:06 transfer_file
The relevant code within this script is below:
echo "Running as `whoami`\nID information is `id`\n"
sftp remote_user@remote_server <<EOF
ls -l
quit
EOF
When run as 'script_owner' it runs correctly and produces the following output:
prompt > transfer_file
/dev/fd/3
Running as 'script_owner'
ID information is uid=3031(script_owner) gid=350(group)
Connecting to remote_server...
sftp> drwxr-xr-x 0 63533 64167 8192 Apr 14 16:09 .
drwxrwxrwx 0 0 1000800 8192 Oct 20 16:49 ..
-rw------- 0 63533 64167 3720 Apr 14 20:36 .sh_history
drwx------ 0 63533 64167 8192 Mar 14 08:41 .ssh
drwxr-xr-x 0 63533 64167 8192 Apr 11 15:07 .ssh2
However, when run as a different user it produces the following:
prompt > transfer_file
Running as 'script_owner'
ID information is uid=3012(user_1) gid=350(group) euid=3031(script_owner)
Connecting to remote_server...
dixtusrd@s0da.r1-core.r1s password:
Is this a restriction of ssh to disallow remote connections without entering a password when using setuid?
I do not have the password for the user on the remote server.
Stv T
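
A diagnostic for the two `id` lines shown in the post above, added here as an example and not part of the original post: it reports which account's key files the client will look for, assuming an OpenSSH-style client that finds ~/.ssh through the real UID rather than the effective UID. The function names are hypothetical, and the sample lines are copied from the post's output.

```shell
#!/bin/sh
# Added example: parse `id` output and report whose key files ssh will read.
# Assumption: OpenSSH-style client, which looks up the invoking account by
# real UID (getuid), not effective UID, to locate ~/.ssh.

# real_user "<id output>" -> account name of the real UID
real_user() {
    printf '%s\n' "$1" | sed -n 's/^uid=[0-9]*(\([^)]*\)).*/\1/p'
}

# effective_user "<id output>" -> account name of the effective UID.
# `id` prints an euid= field only when it differs from the real UID.
effective_user() {
    e=$(printf '%s\n' "$1" | sed -n 's/.* euid=[0-9]*(\([^)]*\)).*/\1/p')
    if [ -n "$e" ]; then printf '%s\n' "$e"; else real_user "$1"; fi
}

# key_lookup_report "<id output>" -> one-line diagnosis
# returns 0 when both IDs match, 1 on mismatch, 2 on unparseable input
key_lookup_report() {
    r=$(real_user "$1"); e=$(effective_user "$1")
    if [ -z "$r" ]; then echo "unparseable id output"; return 2; fi
    if [ "$r" = "$e" ]; then
        echo "ok: ssh reads keys of $r"
    else
        echo "mismatch: running as $e but ssh reads keys of $r"
        return 1
    fi
}

# Sample lines taken from the output shown in the post.
OWNER_ID='uid=3031(script_owner) gid=350(group)'
OTHER_ID='uid=3012(user_1) gid=350(group) euid=3031(script_owner)'

key_lookup_report "$OWNER_ID"
key_lookup_report "$OTHER_ID" || true
```

In a live script the argument would be "`id`" instead of the sample strings.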