Use of non-user readable (null password) private keys

Phil Pennock Phil.Pennock at
Wed Mar 28 11:05:17 EST 2001

On 2001-03-27 at 17:44 +0100, Piete Brooks gifted us with:
> Locally they can use sudo, but for performing operations on a remote machine, 
> they need an ssh capability.

Locally, they can use sudo.

prompt$ cat /usr/local/bin/fred
sudo -u bert ssh -i /home/bert/.ssh/zebedee wibble "$@"

Gives you the benefit of logs on the client-side too, indicating exactly
who invoked it.  Unless the remote side needs to ask identd questions?

If absolutely necessary that they not auth before doing stuff remotely,
just use "NOPASSWD:" in sudoers for that command-entry.
Do not anger a bard, for your name is silly and it scans to 'Greensleeves'.

More information about the openssh-unix-dev mailing list