[Klug-general] rebooting remote server

Dan Attwood danattwood at gmail.com
Wed Oct 2 08:29:50 UTC 2013 

Paul: I'm 'administrator' on both the local and remote machines
Chris: I believe the keys have been added - if they weren't i wouldn't be
able to ssh in without using a password.


On 2 October 2013 09:25, chrisk <c.kirby at cairn-research.co.uk> wrote:

> Are you able to add the key to /root/.ssh/authorized_keys?
>
>
>
> On Wed, 2013-10-02 at 09:20 +0100, Dan Attwood wrote:
> >  I've tested the ssh part and that works fines, it log straight in.
> >
> >
> > in visudo I added:
> >
> >
> > administrator   ALL=(ALL:ALL) NOPASSWD:  /sbin/shutdown
> >
> >
> > on the local machine I then run:
> >
> >
> > ssh -t 10.0.100.38   /sbin/shutdown -r 03:00
> >
> >
> >
> > but it says: shutdown need to be root
> >
> >
> > if I run it with sudo:
> >
> >
> > ssh -t 10.0.100.38   sudo /sbin/shutdown -r 03:00
> >
> >
> >
> > it then asks for a password.
> >
> >
> > I'm guessing i've got something wrong in the sudoers file somewhere.
> >
> >
> >
> >
> > On 1 October 2013 17:25, Paul Littlefield <info at paully.co.uk> wrote:
> >         On 01/10/13 17:09, Paul Littlefield wrote:
> >                 I might have a google for you now...
> >
> >
> >         ...yes, lots on this particular subject!
> >
> >         http://bit.ly/1hijZQe
> >
> >         It seems you have to check 3 things...
> >
> >         1. Who you are logging in as and exactly what SSH key they
> >         use.
> >         2. What that user is allowed to do in the /etc/sudoers file.
> >         3. What SSH allows you to do.
> >
> >         I have just tried...
> >
> >            ssh me at myserver sudo ls
> >
> >         ...and it failed with errors.
> >
> >            ssh -t me at myserver sudo ls
> >
> >         ...worked and asked me for a password.
> >
> >         So...
> >
> >         1. Check your passwordless SSH key works normally first. You
> >         can specify which one to use with the -i option.
> >         2. Try and read the massive 'man sudoers' page. The fix for 1
> >         person seemed to be...
> >            %sudo   ALL=(ALL:ALL) NOPASSWD: ALL
> >           ...please check this out, because it seems a bit risky to
> >         me.
> >           or maybe
> >            admin   ALL=(ALL:ALL) NOPASSWD: REBOOT
> >
> >
> >         3. ssh -t will fix it.
> >
> >
> >         Hope this helps, and let me know how you get on.
> >
> >
> >
> >
> >         _______________________________________________
> >         Kent mailing list
> >         Kent at mailman.lug.org.uk
> >         https://mailman.lug.org.uk/mailman/listinfo/kent
> >
> >
>
>
> _______________________________________________
> Kent mailing list
> Kent at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/kent
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/kent/attachments/20131002/7d4d9d93/attachment.html>

More information about the Kent mailing list