| 1 |
On Friday, 15 July 2022 10:13:12 CEST J. Roeleveld wrote: |
| 2 |
> On Thursday, 14 July 2022 23:22:46 CEST Steve Wilson wrote: |
| 3 |
> > On 14/07/2022 07:35, J. Roeleveld wrote: |
| 4 |
> > > Hi All, |
| 5 |
> > > |
| 6 |
> > > I am looking for a way to login to a host and automatically change to |
| 7 |
> > > root |
| 8 |
> > > using a password provided by an external program. |
| 9 |
> > > |
| 10 |
> > > The root passwords are stored in a vault and I can get passwords out |
| 11 |
> > > using |
| 12 |
> > > a script after authenticating. |
| 13 |
> > > |
| 14 |
> > > Currently, I need to do a lot of the steps manually: |
| 15 |
> > > ssh <user>@<host> |
| 16 |
> > > su - |
| 17 |
> > > (copy/paste password from vault) |
| 18 |
> > > |
| 19 |
> > > I would like to change this to: |
| 20 |
> > > <some-script> <host> |
| 21 |
> > > |
| 22 |
> > > Does anyone have any hints on how to achieve this without adding a |
| 23 |
> > > "NOPASSWD" entry into /etc/sudoers ? |
| 24 |
> > > |
| 25 |
> > > Thanks in advance, |
| 26 |
> > > |
| 27 |
> > > Joost |
| 28 |
> > |
| 29 |
> > Have you looked at dev-tcltk/expect? |
| 30 |
> > |
| 31 |
> > There's possibly an example you could try at |
| 32 |
> > <https://www.journaldev.com/1405/expect-script-ssh-example-tutorial> |
| 33 |
> > although you probably want to prompt for the password or retreive it |
| 34 |
> > programatically rather than putting it on the command line :o |
| 35 |
> > |
| 36 |
> > Steve. |
| 37 |
> |
| 38 |
> This looks promising. Will have a look to see if this can be made to work. |
| 39 |
> I will need to find a way to get the password programmatically inside the |
| 40 |
> script as I will not put it on the commandline and definitely not hard-coded |
| 41 |
> in a script. |
| 42 |
|
| 43 |
Thank you, this works. |
| 44 |
Got the script to grab all the details needed from the vault and ends up |
| 45 |
giving me a remote root-prompt. |
| 46 |
|
| 47 |
-- |
| 48 |
Joost |
Archives