Running a command on a remote server asks for password (debian)
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Running a command on a remote server asks for password (debian)
hello,
I am not seeing what i am doing wrong here, but here goes:
From my server I need to run a command for backup on 25 remote servers (through a script). Now I have pushed the public keys for remote ssh connectivity on all of them and it works ( I can push files using rsync without the need to enter passwords on the remote servers), howver, I need to run the following command:
ssh odsadmin@10.139.111.1 'cp -a /var/www/life /var/www/life-v4'
when I run this command, I keep getting asked to enter the password, I even tried putting sudo in front of the cp, but still get the request to enter the password.
Am I missing something, or need additional steps here ?
Why you putting a ' before and after the command. I mean we never run that way on local server and as you have configured ssh without password it should be like you run a command on a local server. Trying removing ' from the command and see if that work.
Why you putting a ' before and after the command. I mean we never run that way on local server and as you have configured ssh without password it should be like you run a command on a local server. Trying removing ' from the command and see if that work.
As you said ssh works and you dont have to enter the password. I hope you have configured it following way:
He is using the paren's because that tell's SSH to run a single command and disconnect. Normaly used with a ssh -q to keep all the exchanges hushed.
You need to verify that your id_rsa.pub was copied VERBATIM to the that servers users /home/odsadmin/.ssh/authorized_keys.
Then verify that the files and folders you are moving around have the permissions set for user odsadmin
He is using the paren's because that tell's SSH to run a single command and disconnect. Normaly used with a ssh -q to keep all the exchanges hushed.
You need to verify that your id_rsa.pub was copied VERBATIM to the that servers users /home/odsadmin/.ssh/authorized_keys.
Then verify that the files and folders you are moving around have the permissions set for user odsadmin
SSH will anyway going to exit when you run the command: ssh username@server ls -l or any command. I don't see any significance of using ' in the command line but you can use it. Not sure what do you mean by exit. I am assuming you mean getting back to the original server console once command it execute. As per my testing that works with '.
Just try it.
@ zakzy
Did you try creating an script on the destination and then calling it from source server via ssh? Something like this:
1. vi /home/user/copy.sh
2. Enter the following contents in the file: cp -a /var/www/life /var/www/life-v4
3. Save and exit the file
4. chmod 777 /home/user/copy.sh (set the file permission as required, I am just giving an example)
5. From the source server call that script using the following: ssh odsadmin@10.139.111.1 /home/user/copy.sh
The command without ' ' works, but it still asks for the password.
I then followed the instructions of writing the copy.sh file, and then ran the command from my local server, but this time I got the following message:
Running the command with sudo asks for the password.
The rsa keys are copied over correctly, as when running rsync to send a file to the remote server, I do not get prompted for a password, the rsync just starts copying automatically.
Do I need to edit the the permissions for odsadmin and it is writing to a file on the remote server ?
This is what permissions the remote server directory has:
Fair enough, I think I've always used the quotes just as a habbitt then!
Your permissions are still not set. Check the permissions on the file and the var directories. Generally var/www is owned by user apache I thought. To fix the passeord give your user osadm sudoers rights via visudo with the NOPASSWD option after the ALL:ALL statement if you want.
pafoo is right. It appears that odsadmin does not have rights on /var/www . As suggested by pafoo run ls -al /var/www . I would also suggest running getacl /var/www to see if there is any acl set on the directory.
I would like to avoid putting the NOPASSWD for odsadm if it is at all possible as what I need to do needs to be done on around 25 servers ... is there another option ?
You are trying to copy all the contents of /var/www/life to /var/www/life-v4 directory. I would suggest setting up acl for that particular user on that particular directory. Try the following on one of the server and if it works perform on the other servers as well. The problem here is that the user account does not have the sufficient rights on the location where you are trying to create the file. You have to perform it manually on all server. The best you can do is to ssh as normal user and then su - root. Following are the steps:
1. mkdir /var/www/life-v4
2. chown www-data:www-data /var/www/life-v4
3. setfacl -m odsadmin:rwx /var/www/life-v4 (You have to do the same for life directory if the user odsadmin does not have rights on it)
4. Try running the command using ssh odsadmin@10.139.111.1 /home/odsadmin/copy.sh or the way you were trying in the beginning: ssh odsadmin@10.139.111.1 'cp -a /var/www/life /var/www/life-v4'
To troubleshoot, I would start by asking you the following questions...
1. Can you run the cp command you are using in ssh, locally on the server using the user "odsadmin"
2. Is the UID of "odsadmin" same on all servers ? ( They will be if the user is centralized )
3. Is there a problem only with the cp command or can you run other commands (eg ssh odsadmin@10.139.111.1 uptime )
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.