If it is the case that you could normally just log in and use
sudo manually, then you must have a pseudo-terminal there in your script.
So swap the -n for -t:
Code:
while read host;do
ssh -t $host "sudo grep blah /var/log/file";
done < /tmp/serverlist | tee /tmp/server_results
That will allow you to type the password for
sudo.
If you must be able to do this without a password, then I agree it is a job for your system administrator. However two modifications are needed. One is in your script. That is that because of how * misbehaves in /etc/sudoers it is safer to use string literals, that means you have a rare situation where
cat is of use:
Code:
while read host;do
ssh -t $host "sudo cat /var/log/file | grep blah";
done < /tmp/serverlist | tee /tmp/server_results
The other is in /etc/sudoers, they can set the following to allow you to read that one log file and only that one log file:
Code:
%robbotsgroup ALL=(root:root) NOPASSWD: /bin/cat /var/log/file
I highly recommend Michael W Lucas' book
sudo Mastery to fill in the gaps with configuring
sudo.