Re: Running remote commands through sudo/sec framework?
Re: Running remote commands through sudo/sec framework?
- Subject: Re: Running remote commands through sudo/sec framework?
- From: Rakka <email@hidden>
- Date: Fri, 29 Jul 2005 10:16:57 +1000
What happens when a new account on the remote machine is created? And
the user forgets to set it up again?
It won't be secure to use sudo -S would it?
On 29/07/2005, at 10:05 AM, Eric Brunstad wrote:
Perhaps you could create a small setup app which would run on the
remote machine and edit the sudoers file for the user.
-Eric
On Jul 28, 2005, at 7:28 PM, Rakka wrote:
That'd be good, however, this for a an application, and I think
most users shouldn't do anything other than enable SSH on their
machines. I wouldn't want everyone who uses the app to go and
fiddle with the sudoers file?
And also, before working on that, how would I check if the user is
an admin, after someone connects to their remote machine through
my app?
Thanks.
On 29/07/2005, at 1:42 AM, Michael Carter wrote:
Have the admin on the remote machine add the commands you need to
execute to the sudoers file with the NOPASSWD: modifier. This is
the way most admins allow external scripts to work between machines.
On Jul 28, 2005, at 5:50 AM, Rakka wrote:
Hi,
I want to run some terminal commands on a remote machine through
my application (the tasks require admin authentication, i.e
sudo). Is this possible to do securely? I was thinking of using
SSH, but once the user supplies the name and password for the
remote machine, and my app connects to it, how do I check if it
was an administrator name and password. And once I verify that
it is a correct admin user, how would I directly send commands
using sudo -e? Or is there a way to use the Security framework
for remote authentication?
I'm trying to figure out how to do this, but just can't see how
it can be done. (executing sudo commands on a remote machine).
Thanks a lot for any help.
- rakka _______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40mac.com
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40gmail.com
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40mindsprockets.com
This email sent to email@hidden
Eric Brunstad
Mind Sprockets Software
email@hidden
www.mindsprockets.com
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden