LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 03-12-2008, 03:58 PM   #1
helsing
LQ Newbie
 
Registered: Feb 2008
Posts: 11

Rep: Reputation: 0
www-data password / authorization (newb)


hi,

a couple of questions on the same topic.

when i su www-data from my user account it asks for a password. i don't remember setting one. is there a default, or can i change this. (i can su www-data from root so i can at least run some tests.)

i am using php exec() to call a script that i placed in /bin. to debug i can run the script as www-data from the terminal. sometimes i can execute the script with no authorization warnings, sometimes i am told that i don't have authorization to perform certain commands like chmod.

finally, i am calling pscp in my script to transfer files. when i run the script as root or my user it remembers the server id key, but each time i run it as www-data it keeps prompting me if i trust the address.


thanks.


steve
 
Old 03-13-2008, 09:45 AM   #2
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
Sounds to me as if www-data is a pseudo type user. You can become this user as root as root is the administrator, doesn't need a password but I'd recommend if this user has access to run scripts from PHP in a web browser, it's best to not even give this user an actual password or you're opening yourself up to security vulnerabilities.
 
Old 03-13-2008, 10:51 AM   #3
helsing
LQ Newbie
 
Registered: Feb 2008
Posts: 11

Original Poster
Rep: Reputation: 0
thanks for the reply.

i can get wwww-data to run everything in my script from a browser/php exec() with the exception of of my scp/pscp command - it seems putty can't cache the server key for www-data so i get that cache prompt every time. i put an .ssh folder inside /var/www/ thinking putty might cache the key there but to no avail. maybe this topic should be on a different forum.
 
Old 03-13-2008, 01:21 PM   #4
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
Quote:
Originally Posted by helsing View Post
thanks for the reply.

i can get wwww-data to run everything in my script from a browser/php exec() with the exception of of my scp/pscp command - it seems putty can't cache the server key for www-data so i get that cache prompt every time. i put an .ssh folder inside /var/www/ thinking putty might cache the key there but to no avail. maybe this topic should be on a different forum.
I have no earthly idea of what your trying to accomplish at this time. Are you trying to setup ssh keys to login as www-data user? Did you not read my first reply closely? What exactly is the purpose of this user and what script does it run?
 
Old 03-13-2008, 01:35 PM   #5
helsing
LQ Newbie
 
Registered: Feb 2008
Posts: 11

Original Poster
Rep: Reputation: 0
right, sorry for the confusion.

what i want to do...

through a web interface (php exec() start a script that will:
record an mp3 stream....works
re-encode with header tags...works
remove working files...works
transfer the recorded mp3 to a podcast server using pscp...NOT WORKING

i am using pscp so i can glob the password and not worry about the password prompt.
i think pscp is till prompting to add the key of the server i am copying to to the putty cache.

i changed the user under which apache runs in apache environment variables to a user that i created and that has previously cached the server key. still doesn't work through the web interface. but running the script through the terminal works.

hope that makes sense.
 
Old 03-13-2008, 01:41 PM   #6
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 199Reputation: 199
Makes a little more sense but I don't understand the "putty cache" part of your problem. If you're having this server thru a web interface copy files to another remote server, you'll need the keys on the webserver and on the remote server it's going to. Putty is only used from a windows machine to connect remotely to a *nix thru ssh.

Did you generate the keys on the webserver and then add the authorized keys on the remote server you're trying to copy these to?
 
Old 03-13-2008, 01:53 PM   #7
helsing
LQ Newbie
 
Registered: Feb 2008
Posts: 11

Original Poster
Rep: Reputation: 0
no, i'm calling pscp from a linux machine. the first time a user connects to another machine putty(scp) asks if you accept the server key and want to have putty cache the key so the user won't be prompted next time. again i used pscp over scp because pscp can have the passoword in the glob part.

anyway, no worries. thanks for you help.
 
Old 04-19-2008, 10:51 AM   #8
jason.hendriks
LQ Newbie
 
Registered: Apr 2008
Posts: 2

Rep: Reputation: 0
helsing, I have the same issue as you.

I want to rsync from Host B to host A via ssh (actually, I'm using Unison instead of rsync so that the transfer is bi-directional). But ssh for the www-data user still demands a password after the ssh certificate is installed to /var/www/.ssh/authorized_keys.

I managed to make it work by changing the home directory from /var/www to /home/www-data in /etc/passwd. No more password prompts when using ssh to login as www-data. As for /var/www, I made it a symbolic link to /home/www-data.

Now my command runs without prompts (as root):
su - www-data -c "unison /var/www ssh://www-data@10.69.100.6//var/www -batch"


Quote:
Originally Posted by helsing View Post
thanks for the reply.

i can get wwww-data to run everything in my script from a browser/php exec() with the exception of of my scp/pscp command - it seems putty can't cache the server key for www-data so i get that cache prompt every time. i put an .ssh folder inside /var/www/ thinking putty might cache the key there but to no avail. maybe this topic should be on a different forum.

Last edited by jason.hendriks; 04-19-2008 at 11:12 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Why does www-data have /bin/sh as a shell? reverse Debian 2 11-18-2007 08:35 AM
security advice debian www-data nephish Linux - Security 3 10-16-2006 10:53 AM
when i excute su and password im gettin an authorization error adamf4i Linux - Newbie 12 08-07-2006 10:52 AM
need to make www-data as super-user ALInux Linux - Security 1 11-05-2005 10:11 AM
add www-data user restless Linux - Newbie 1 06-01-2004 08:51 AM


All times are GMT -5. The time now is 07:28 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration