HPE Community
Operating System - HP-UX
1833758 Members
2121 Online
110063 Solutions
New Discussion

Run remsh command with no login account on target host

 
Norman Dignard
Regular Advisor

‎10-06-2004 04:39 AM

‎10-06-2004 04:39 AM

Run remsh command with no login account on target host

I'm trying to allow users on other hosts to execute a command on another host to start a service using sudo.

The problem I have is that users need a login account on the target for it to execute. I don't want users to be able to log on the target host.

I've setup hosts.equiv on the target with one entry: + +

Users accounts have the same uid/gid on their host and the target host however I want to make disable login capability on the target. If I set the user's shell to /usr/bin/false in the passwd file on the target host the command fails.

How can I set this up so that users cannot remotely login to the target host yet still execute a remsh command? I though of rexec but I also don't what users to be prompted for a password.

Norm







0 Kudos
Reply
6 REPLIES 6
Rick Garland
Honored Contributor

‎10-06-2004 04:44 AM

‎10-06-2004 04:44 AM

Re: Run remsh command with no login account on target host

If you setup users on the target host you can have their profiles exit out. Granted they are able to technically "log in" but they are unable to do anything except watch the copyright screen scroll by.


Try the command listed below.
"remsh $SYSTEM -n



0 Kudos
Reply
Norman Dignard
Regular Advisor

‎10-06-2004 05:03 AM

‎10-06-2004 05:03 AM

Re: Run remsh command with no login account on target host

Forgive my ignorance but how would I do that?
Most users accounts are only created in the passwd file. They do not have a local home dir on the target host. The reason for this is due to a client server app that needs consistent UID/GIDs. Provided that they are the same on the server and client everything works fine. We have not yet set up NIS+ as were looking at a common login implementation across Windows/Unix

0 Kudos
Reply
Rick Garland
Honored Contributor

‎10-06-2004 05:53 AM

‎10-06-2004 05:53 AM

Re: Run remsh command with no login account on target host

Could you not test for the hostname and if the hostname is the target, then exit out.
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎10-06-2004 06:19 AM

‎10-06-2004 06:19 AM

Re: Run remsh command with no login account on target host

Got it.

Set the users up for ksh

create .kshrc for each of them:

# Say good bye for interactive shells
echo $-
case $- in
*i*) exit 0;;
*);;
esac

In their .profile:

ENV=$HOME/.kshrc; export ENV # To set up korn shell (ksh)

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
Volker Borowski
Honored Contributor

‎10-06-2004 06:40 AM

‎10-06-2004 06:40 AM

Re: Run remsh command with no login account on target host

Norm,

you could set up those users to share an overall common home directory.

Second: Configure a script that sudo's your programm as the login shell. -> Let them rlogin instead of remsh :-)

Volker
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎10-06-2004 06:11 PM

‎10-06-2004 06:11 PM

Re: Run remsh command with no login account on target host

Setup /etc/hosts.equiv on both machines with

+ + entry there.

Try as,

remsh -l -n "shell command"

Else
use rexec there.

rexec -l -n "
command"

It will not prompt for passwd there.

IF you use rlogin we can not control remote shell commands with the executed command there on new shell.

HTH.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.