FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 03-03-2010, 08:20 PM
Tim Nelson
 
Default SSH Remote Execution - su?

Greetings All-

I'm about to embark on some remote management testing and need a way to login to a remote system running CentOS 4.x/5.x via SSH, su to root (using a password), then execute a command.

I currently login to the boxes using key based SSH like this:

ssh -i ~/remote_key admin@$REMOTEIP

Then, I SU to root. However, if I try to do this automatically like this:

ssh -i ~/remote_key admin@$REMOTEIP 'su -l'

I'm getting:

"standard in must be a tty"

So, how am I able to remote login using SSH, su to root, then execute a command as root?

All comments and suggestions welcome. Thanks!

--Tim
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-03-2010, 08:36 PM
James Hogarth
 
Default SSH Remote Execution - su?

On 3 March 2010 21:20, Tim Nelson <tnelson@rockbochs.com> wrote:
> Greetings All-
>
> I'm about to embark on some remote management testing and need a way to login to a remote system running CentOS 4.x/5.x via SSH, su to root (using a password), then execute a command.
>
> I currently login to the boxes using key based SSH like this:
>
> ssh -i ~/remote_key admin@$REMOTEIP
>
> Then, I SU to root. However, if I try to do this automatically like this:
>
> ssh -i ~/remote_key admin@$REMOTEIP 'su -l'
>
> I'm getting:
>
> "standard in must be a tty"
>
> So, how am I able to remote login using SSH, su to root, then execute a command as root?
>
> All comments and suggestions welcome. Thanks!
>
> --Tim
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

Best off configuring sudo for that user (with no password) and make
sure that user has !requiretty in the sudoers configuration.

James
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-03-2010, 08:41 PM
Jeremy Rosengren
 
Default SSH Remote Execution - su?

On Wed, Mar 3, 2010 at 3:36 PM, James Hogarth <james.hogarth@gmail.com> wrote:

On 3 March 2010 21:20, Tim Nelson <tnelson@rockbochs.com> wrote:

> Greetings All-

>

> I'm about to embark on some remote management testing and need a way to login to a remote system running CentOS 4.x/5.x via SSH, su to root (using a password), then execute a command.

>

> I currently login to the boxes using key based SSH like this:

>

> ssh -i ~/remote_key admin@$REMOTEIP

>

> Then, I SU to root. However, if I try to do this automatically like this:

>

> ssh -i ~/remote_key admin@$REMOTEIP 'su -l'

>

> I'm getting:

>

> "standard in must be a tty"

>

> So, how am I able to remote login using SSH, su to root, then execute a command as root?

>

> All comments and suggestions welcome. Thanks!

>

> --Tim

> _______________________________________________

> CentOS mailing list

> CentOS@centos.org

> http://lists.centos.org/mailman/listinfo/centos

>



Best off configuring sudo for that user (with no password) and make

sure that user has !requiretty in the sudoers configuration.



James

_______________________________________________

CentOS mailing list

CentOS@centos.org

http://lists.centos.org/mailman/listinfo/centos
Does "ssh -t" help?

-- j*

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-03-2010, 08:48 PM
Benjamin Franz
 
Default SSH Remote Execution - su?

Tim Nelson wrote:
> So, how am I able to remote login using SSH, su to root, then execute a command as root?
>
You would probably be better off setting up forced-commands-only only
login for root. and configuring the /root/.ssh/authorized_keys file
with the command you want to execute.

--
Benjamin Franz
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-03-2010, 08:48 PM
John Kennedy
 
Default SSH Remote Execution - su?

On Wednesday 03 March 2010 16:20:21 Tim Nelson wrote:
> Greetings All-
>
> I'm about to embark on some remote management testing and need a way to
> login to a remote system running CentOS 4.x/5.x via SSH, su to root (using
> a password), then execute a command.
>
> I currently login to the boxes using key based SSH like this:
>
> ssh -i ~/remote_key admin@$REMOTEIP
>
> Then, I SU to root. However, if I try to do this automatically like this:
>
> ssh -i ~/remote_key admin@$REMOTEIP 'su -l'
>
> I'm getting:
>
> "standard in must be a tty"
>
> So, how am I able to remote login using SSH, su to root, then execute a
> command as root?
>
> All comments and suggestions welcome. Thanks!
>
> --Tim
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
You could use an expect script to ssh to the box then su to root with the
password. You can have the script ask for the password so it is not hard coded
or used on the command line. Expect can allow you to interact with the shell
once you have su'd.
I have used a combination of bash and expect scripting to get stats from
multiple boxes and it works a treat.
If you need more details/help, let me know.
John
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-03-2010, 09:25 PM
Tim Nelson
 
Default SSH Remote Execution - su?

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105

----- "Jeremy Rosengren" <jeremy.rosengren@gmail.com> wrote:

> > On Wed, Mar 3, 2010 at 3:36 PM, James Hogarth <james.hogarth@gmail.com> wrote:
>
> On 3 March 2010 21:20, Tim Nelson <tnelson@rockbochs.com> wrote:
>
> Greetings All-
>
>
>
> I'm about to embark on some remote management testing and need a way to login to a remote system running CentOS 4.x/5.x via SSH, su to root (using a password), then execute a command.
>
>
>
> I currently login to the boxes using key based SSH like this:
>
>
>
> ssh -i ~/remote_key admin@$REMOTEIP
>
>
>
> Then, I SU to root. However, if I try to do this automatically like this:
>
>
>
> ssh -i ~/remote_key admin@$REMOTEIP 'su -l'
>
>
>
> I'm getting:
>
>
>
> "standard in must be a tty"
>
>
>
> So, how am I able to remote login using SSH, su to root, then execute a command as root?
>
>
>
> All comments and suggestions welcome. Thanks!
>
>
>
> --Tim
>
> _______________________________________________
>
> CentOS mailing list
>
> CentOS@centos.org
>
> http://lists.centos.org/mailman/listinfo/centos
>
>
>

>
Best off configuring sudo for that user (with no password) and make
>
sure that user has !requiretty in the sudoers configuration.
>

>
James
>
> _______________________________________________
>
CentOS mailing list
>
CentOS@centos.org
>
http://lists.centos.org/mailman/listinfo/centos
> Does "ssh -t" help?
YESS. It prevents the tty error from showing up and asks me for a password as expected. BUT, how do I then automate the entering of the password?

John Kennedy mentioned using expect which I've used before but found it to be 'finnicky'. I may have to look at it again...

Changing settings such as sudo configuration or ssh config may be daunting since I have a large number of systems(150+) that would need to be modified. :-/

--Tim
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-03-2010, 10:19 PM
"nate"
 
Default SSH Remote Execution - su?

Tim Nelson wrote:
> YESS. It prevents the tty error from showing up and asks me for a password
> as expected. BUT, how do I then automate the entering of the password?
>
> John Kennedy mentioned using expect which I've used before but found it to
> be 'finnicky'. I may have to look at it again...
>
> Changing settings such as sudo configuration or ssh config may be daunting
> since I have a large number of systems(150+) that would need to be modified.
> :-/

Just login as root with ssh keys?

If you needed to somehow block brute force cracking attacks against
the root account either globally disable password auth, or it appears
you can use the option "PermitRootLogin without-password" to restrict
remote root logins via SSH to keys only. I haven't tried this option
myself.

nate


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-04-2010, 04:48 AM
Chris Geldenhuis
 
Default SSH Remote Execution - su?

Tim Nelson wrote:
>
>
> Tim Nelson
> Systems/Network Support
> Rockbochs Inc.
> (218)727-4332 x105
>
> ----- "Jeremy Rosengren" <jeremy.rosengren@gmail.com> wrote:
> >
> > On Wed, Mar 3, 2010 at 3:36 PM, James Hogarth
> <james.hogarth@gmail.com <mailto:james.hogarth@gmail.com>> wrote:
> >
>
> > On 3 March 2010 21:20, Tim Nelson <tnelson@rockbochs.com
> <mailto:tnelson@rockbochs.com>> wrote:
> > > Greetings All-
> > >
> > > I'm about to embark on some remote management testing and need
> a way to login to a remote system running CentOS 4.x/5.x via SSH,
> su to root (using a password), then execute a command.
> > >
> > > I currently login to the boxes using key based SSH like this:
> > >
> > > ssh -i ~/remote_key admin@$REMOTEIP
> > >
> > > Then, I SU to root. However, if I try to do this automatically
> like this:
> > >
> > > ssh -i ~/remote_key admin@$REMOTEIP 'su -l'
> > >
> > > I'm getting:
> > >
> > > "standard in must be a tty"
> > >
> > > So, how am I able to remote login using SSH, su to root, then
> execute a command as root?
> > >
> > > All comments and suggestions welcome. Thanks!
> > >
> > > --Tim
> > > _______________________________________________
> > > CentOS mailing list
> > > CentOS@centos.org <mailto:CentOS@centos.org>
> > > http://lists.centos.org/mailman/listinfo/centos
> > >
> >
> >
> Best off configuring sudo for that user (with no password) and make
> > sure that user has !requiretty in the sudoers configuration.
> >
> > James
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS@centos.org <mailto:CentOS@centos.org>
> > http://lists.centos.org/mailman/listinfo/centos
>
>
> >
> Does "ssh -t" help?
>
> YESS. It prevents the tty error from showing up and asks me for a
> password as expected. BUT, how do I then automate the entering of the
> password?
>
> John Kennedy mentioned using expect which I've used before but found
> it to be 'finnicky'. I may have to look at it again...
>
> Changing settings such as sudo configuration or ssh config may be
> daunting since I have a large number of systems(150+) that would need
> to be modified. :-/
>
> --Tim
> ------------------------------------------------------------------------
>
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
I found that Python expect is far more logical and understandable for
complex tasks than the expect command.

ChrisG
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-04-2010, 10:15 AM
John Doe
 
Default SSH Remote Execution - su?

From: Tim Nelson <tnelson@rockbochs.com>
> I'm about to embark on some remote management testing and need a way to login to
> a remote system running CentOS 4.x/5.x via SSH, su to root (using a password),
> then execute a command.

Maybe try /etc/securetty

JD



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 03-04-2010, 03:16 PM
Chris Murphy
 
Default SSH Remote Execution - su?

I used to manage ~150 Linux desktop and would have
to do one off scripts to make updates.* Fortunately I found Puppet and
now I never have to do things like this any more but here's the
Bash/Expect combo that I used to use:



chris$ ./mass_copy.sh:



#!/bin/sh

export ROOTPW='secret1'

export ADMINPW='secret2'



HIVES="machine1 machine2 machine3"

for machine in $HIVES; do

*** /path/to/script/get_root.exp $machine

done



chris$ cat get_root.exp

#!/usr/bin/expect -f



set timeout 40



spawn ssh [lrange $argv 0 0]

expect "admin@$argv's password:"

send "$env(ADMINPW)
"

expect "$"

send "exec su -
"

expect "Password: "

send "$env(ROOTPW)
"

expect "#"

send "/mnt/it_updates/update_something.sh
"

interact

expect "#"

send "exit
"

*

This was handed down to me by the sysadmin who was here before me and
it worked great except sometimes it would not log out of each machine
and I would have to babysit it and press CTRL-D after each run.* It can
easily be expanded on to suit your needs, and maybe someone in the
mailing list can refine it, but if this is your job and you think there
is even the remotest possibility that you would have to do this again,
seriously look into Puppet, Func, mCollective, really anything is
easier then doing it this way.



Chris



On 3/4/10 12:48 AM, Chris Geldenhuis wrote:

Tim Nelson wrote:




Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105

----- "Jeremy Rosengren" <jeremy.rosengren@gmail.com> wrote:



On Wed, Mar 3, 2010 at 3:36 PM, James Hogarth


<james.hogarth@gmail.com <mailto:james.hogarth@gmail.com>> wrote:






> On 3 March 2010 21:20, Tim Nelson <tnelson@rockbochs.com
<mailto:tnelson@rockbochs.com>> wrote:
> > Greetings All-
> >
> > I'm about to embark on some remote management testing and need
a way to login to a remote system running CentOS 4.x/5.x via SSH,
su to root (using a password), then execute a command.
> >
> > I currently login to the boxes using key based SSH like this:
> >
> > ssh -i ~/remote_key admin@$REMOTEIP
> >
> > Then, I SU to root. However, if I try to do this automatically
like this:
> >
> > ssh -i ~/remote_key admin@$REMOTEIP 'su -l'
> >
> > I'm getting:
> >
> > "standard in must be a tty"
> >
> > So, how am I able to remote login using SSH, su to root, then
execute a command as root?
> >
> > All comments and suggestions welcome. Thanks!
> >
> > --Tim
> > _______________________________________________
> > CentOS mailing list
> > CentOS@centos.org <mailto:CentOS@centos.org>
> > http://lists.centos.org/mailman/listinfo/centos
> >
>
>
Best off configuring sudo for that user (with no password) and make
> sure that user has !requiretty in the sudoers configuration.
>
> James
>
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org <mailto:CentOS@centos.org>
> http://lists.centos.org/mailman/listinfo/centos







Does "ssh -t" help?

YESS. It prevents the tty error from showing up and asks me for a
password as expected. BUT, how do I then automate the entering of the
password?

John Kennedy mentioned using expect which I've used before but found
it to be 'finnicky'. I may have to look at it again...

Changing settings such as sudo configuration or ssh config may be
daunting since I have a large number of systems(150+) that would need
to be modified. :-/

--Tim
------------------------------------------------------------------------

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos



I found that Python expect is far more logical and understandable for
complex tasks than the expect command.

ChrisG
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos






_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 12:22 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org