su/sudo using ssh auth

John E Hein jhein at timing.com
Sat Nov 3 08:08:02 EST 2001


Bob Proulx wrote at 13:17 -0700 on Nov  2:
 > > But I do want to have to enter a password, for instance, at the start of
 > >  a long running build script that needs to occasionally have root
 > >  privs at a number of strategic points in the script to do some
 > >  building in a chroot or mount a flash device.
 > 
 > How long is long running?  You could always increase the time for
 > remembering that a password was entered to be long enough to cover the
 > needed time interval.

Could be 1, could be 12, could be more hours; could be much less
 if it dies early.

The timeout you mention is compiled in.


 > What commands are you running?  You could always specify an interface
 > of okayed commands in sudoers where no password is ever required.  If
 > those commands are okay to run then they are okay to run.  Mounting
 > and unmounting are prime examples.

rm, mount, cpio, etc., etc.
I want these to be authenticated once for the parent process, then
 children who invoke sudo need not enter a password.  I don't want
 carte blanche NOPASSWD in sudoers (which applies to anyone
 running a sudo that uses that sudoers - usually per machine).
 Nor do I want to have to edit sudoers each time I add a command
 I want to run with sudo to this or some other script.

This equates to a setuid program (except you need to get authenticated
 to run it) where the elevated effective uid is relinquished when it's
 not needed.

There are some conceptual parallels to ssh-agent, but it's not quite the
 same thing (nor, as has been mentioned, should it be).
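
As an added illustration of the trade-off discussed in this message (not from the thread, and using sudoers options of current sudo rather than the 2001 version under discussion), a sudoers fragment that puts the carte-blanche NOPASSWD rule beside a narrower per-user rule with a longer credential cache; the user name and command paths are assumed:

```sudoers
# Assumed account name and command paths; adjust to the real system.
Cmnd_Alias BUILD_CMDS = /bin/mount, /bin/umount, /bin/cpio, /bin/rm

# Weak form the post argues against: no password ever, for any command,
# for every account that this sudoers file governs.
# %wheel ALL = (root) NOPASSWD: ALL

# Narrower form: only the listed commands, only for this account, and the
# password is still asked for the first time.  Root-level rm and cpio are
# close to unrestricted root anyway, so keep the list short and prefer
# wrapper scripts with fixed arguments where possible.
builduser ALL = (root) BUILD_CMDS

# Credential caching, per user, in minutes (0 = always ask, -1 = never
# expire).  720 covers a twelve-hour build without touching the global
# default that applies to everyone else.
Defaults:builduser timestamp_timeout=720

# Current sudo can key the cached credential on the parent process ID, so
# one password at the top of a build script covers every sudo invoked from
# that script, and the record cannot be reused by a different process.
Defaults timestamp_type=ppid
```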
