bash - Changing user to root when connected to a linux server and copying files -

-

my script coded in way doesn't allow connect server directly root. code copies files server computer , works don't have access many files because root can access them. how can connect server user , copy files switching root?

code want change:

sshpass -p "password" scp -q -r username@74.11.11.11:some_directory copy_it/here/

in other words, want able remotely copy files accessible root on remote server, don't wish access remote server via ssh/scp directly root.

is possible through ssh , not sshpass?

if understand question correctly, want able remotely copy files accessible root on remote machine, don't wish (or can't) access remote machine via ssh/scp directly root. , separate question whether done without sshpass.

(please understand solutions suggest below have various security implications , should weigh benefits versus potential consequences before deploying them. can't know specific usage scenario tell if these idea or not.)

when ssh/scp user, don't have access files accessible root, can't copy of them. need instead "switch root" once connected in order copy files.

"switching root" command accomplished prefixing sudo, approach remotely execute commands copy files via sudo /tmp on remote machine, changes owner connected user, , remotely copy them /tmp:

ssh username@74.11.11.11 "sudo cp -r some_directory /tmp" ssh username@74.11.11.11 "sudo chown -r username:username /tmp/some_directory" scp -q -r username@74.11.11.11:/tmp/some_directory copy_it/here/ ssh username@74.11.11.11 "rm -r /tmp/some_directory"

however, sudo prompts user's password, you'll "sudo: no tty present , no askpass program specified" error if try this. need edit /etc/sudoers on remote machine authorize user use sudo needed commands without password. add these lines:

username all=nopasswd: /bin/cp username all=nopasswd: /bin/chown

(or, if you're cool user being able execute command via sudo without being prompted password, instead use:)

username all=nopasswd:

now above commands work , you'll able copy files.

as avoiding using sshpass, instead use public/private key pair, in private key on local machine unlocks public key on remote machine in order authenticate user, rather password.

to set up, on local machine, type ssh-keygen. accept default file (/home/username/.ssh/id_rsa). use empty passphrase. append file /home/username/.ssh/id_rsa.pub on local machine /home/username/.ssh/authorized_keys on remote machine:

cat /home/username/.ssh/id_rsa.pub | ssh username@74.11.11.11 \ "mkdir -m 0700 -p .ssh && cat - >> .ssh/authorized_keys && \ chmod 0600 .ssh/authorized_keys"

once you've done this, you'll able use ssh or scp local machine without password authorization.


Comments

Post a Comment

Popular posts from this blog

c++ - OpenCV Error: Assertion failed <scn == 3 ::scn == 4> in unknown function, -

-
i read alot other solution still confused should mine... #include <opencv2/objdetect/objdetect.hpp> #include <opencv2/highgui/highgui.hpp> #include <opencv2/imgproc/imgproc.hpp> #include <iostream> #include <stdio.h> using namespace std; using namespace cv; int main(int argc, const char** argv) { //create cascade classifier object used face detection cascadeclassifier face_cascade; //use haarcascade_frontalface_alt.xml library face_cascade.load("haarcascade_frontalface_alt.xml"); //setup video capture device , link first capture device videocapture capturedevice; capturedevice.open(0); //setup image files used in capture process mat captureframe; mat grayscaleframe; //create window present results namedwindow("outputcapture", 1); //create loop capture , find faces while (true) { //capture new image frame capturedevice >> captureframe; ...
Read more

php - render data via PDO::FETCH_FUNC vs loop -

-
i've been using 2 methods render data. the first one: function name($id,$name){ return '<div id="'.$id.'">'.$name.'</div>'; } echo implode($pdo->query("select id,name user")->fetchall(pdo::fetch_func,'name')); the second one: $users = $pdo->query("select id,name user")->fetchall(pdo::fetch_obj); foreach($users $user){ echo name($user->id,$user->name); } i don't understand how pdo::fetch_func works. tried figure out. however, not well-documented. could please explain fetch mode? , also, 1 performs better? thank you. both methods wrong , have learn how use templates , how separate business logic presentation logic. $users = $pdo->query("select id,name user")->fetchall(pdo::fetch_obj); tpl::assign('users', $users); is code business logic part. then in template <?php foreach $users $row): ?> <div id="<?=$...
Read more

The canvas has been tainted by cross-origin data in chrome only -

-
uncaught securityerror: failed execute 'getimagedata' on 'canvasrenderingcontext2d': canvas has been tainted cross-origin data i getting above error in chrome. code(following) works fine in mozilla. have not corss domain issue. why above error in chrome? var wheel_canvas, wheel_context, can_w, can_h, wheel_grd; var large_radius = 160; var small_radius = 120; var wheel_canvas = document.getelementbyid('wheel_canvas'); var wheel_context = wheel_canvas.getcontext('2d'); var can_w = $(wheel_canvas).width(); var can_h = $(wheel_canvas).height(); var centerx = can_w / 2, centery = can_h / 2; var wheel_grd = null; test('#ff0000'); function test(hex) { $('#clrpicker').css({'left': 210, 'top': 210 }); inverted = hexbw(hex); $('#color_val_show').val(hex); current_color_hex_val_selected = hex; $('#color_val_show').css({'color':inverted,'background':hex}); fillgradient...
Read more