su/sudo using ssh auth
John E Hein
jhein at timing.com
Sat Nov 3 06:00:41 EST 2001
Todd C. Miller wrote at 10:55 -0700 on Nov 2:
> I have resisted doing this because I really think it is pointless.
>
> The only reason sudo authenticates at all is to guard against a
> lack of physical security. Using the ssh agent would not protect
> against this since the passphrase is only entered once. If you
> don't want to enter a password in sudo, just turn off authentication
> and rely on whatever method was used to login.
But I do want to have to enter a password, for instance, at the start of
a long running build script that needs to occasionally have root
privs at a number of strategic points in the script to do some
building in a chroot or mount a flash device.
When the script ends (successfully or otherwise), the sudo credential
for the script and its children would go away.
Without such a feature (and without turning off sudo authentication),
one would have to periodically revisit the script and re-enter
one's password.
I hope this example illustrates the utility of a sudo-agent type
of feature. An authentication more fine grained than login level
authentication is desired.
As someone suggested, Kerberos tickets might be a good way to go - I've
never used them.
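Added example, not part of John's or Todd's messages: one way to approximate the script-scoped credential John describes with the sudo features that already exist, namely the timestamp cache, `sudo -v` (validate/refresh the cache), `sudo -n` (never prompt) and `sudo -k` (invalidate the cache). The script authenticates once at the start, refreshes the cache in the background for as long as the build runs, and revokes it on every exit path. `SUDO_CMD`, `LEASE_INTERVAL` and the function names are this example's own choices so the functions can be exercised with a stub in place of the real `sudo`; the refresh interval is assumed to be shorter than the `timestamp_timeout` configured in sudoers.

```shell
#!/bin/sh
# Added illustration (not from the thread): emulate a script-scoped sudo
# "lease" with the stock sudo timestamp cache.  Assumes sudo supports -v, -n
# and -k, and that LEASE_INTERVAL is shorter than sudoers' timestamp_timeout.
# SUDO_CMD is a hypothetical hook (defaults to "sudo") so a test can stub it.

# Authenticate once (this is the single interactive prompt), then start a
# background loop that refreshes the cached timestamp without prompting.
lease_begin() {
    interval="${1:-60}"                     # seconds between refreshes
    "${SUDO_CMD:-sudo}" -v || return 1      # prompts for the user's password

    # -n makes a refresh fail instead of prompting if the cache has expired,
    # which ends the loop rather than leaving a prompt hanging in the build log.
    (
        trap 'kill "$sleep_pid" 2>/dev/null; exit 0' TERM INT
        while :; do
            sleep "$interval" & sleep_pid=$!
            wait "$sleep_pid" || exit 0     # interrupted by lease_end
            "${SUDO_CMD:-sudo}" -n -v || exit 0
        done
    ) </dev/null >/dev/null 2>&1 &
    LEASE_PID=$!
}

# Stop the refresh loop and invalidate the cached credential, so nothing that
# outlives the script (or anything else on this tty) can keep using it.
lease_end() {
    if [ -n "${LEASE_PID:-}" ]; then
        kill "$LEASE_PID" 2>/dev/null || :
        wait "$LEASE_PID" 2>/dev/null || :
        LEASE_PID=
    fi
    "${SUDO_CMD:-sudo}" -k
}

# Run a command under the lease: the credential is valid from start to
# finish and revoked on success, failure or signal.  Usage:
#   LEASE_INTERVAL=120 run_with_lease make -C build all
run_with_lease() {
    lease_begin "${LEASE_INTERVAL:-60}" || return 1
    trap 'lease_end' EXIT INT TERM
    "$@" && status=0 || status=$?
    lease_end
    trap - EXIT INT TERM
    return "$status"
}
```

The caveat a reviewer would raise is the one Todd's objection already points at: while the lease is held, the cached timestamp is a per-user (by default per-tty) cache, not a token bound to the script's process tree, so any other process of the same user on that tty can use it too. Revoking with `sudo -k` on exit narrows that window to the lifetime of the build; it does not give the per-process credential John is asking for, which is why something like a Kerberos ticket or a dedicated agent was being discussed.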
More information about the openssh-unix-dev mailing list