What is the best way to provide sudo password to a remote machine from a script?
I am writing a script that basically does "ssh -t name@machine 'sudo reboot'". This script sshs into a bunch of machines and reboots them. Is there a way I could pass the sudo password of the machines in the ssh command so that I don't have to manually type the password for each 'sudo passwd' command?
Answer:
First of all, as Tristan has said, the most secure way of setting this up is to use a passwordless sudo. Nonetheless, you can further harden things by creating a specific user for this task, and then restricting its ssh access so that it can only run this command.

Basically, you first create a 'rebooter' user on each of the machines that have to be rebooted, and disable password authentication for them by issuing a 'passwd -l rebooter'. Next, you set up the '/etc/sudoers' file to allow this user to passwordless run '/sbin/reboot' as root, following 's instructions. Finally, in their corresponding '.ssh/authorized_keys' file, you set up the public key like this:

    from="the.controller.machine",command="/usr/bin/sudo /sbin/reboot" ssh-rsa AAAA(your key's data here)== [email protected]

Thereafter, the 'rebooter' user can only connect from 'the.controller.machine', and it can only issue the 'sudo reboot' command. In fact, it will issue the 'sudo reboot' command even if it tries to specify any other command on its side.
Marc Pujol at Quora
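A check for the setup described in the answer above, as an added example that is not part of the original answer: it parses authorized_keys entries and reports keys that lack the forced command or the from= restriction. It also goes one step beyond the answer by flagging entries without 'restrict' or 'no-port-forwarding', since sshd(8) notes that a forced command alone does not prohibit forwarding; the sample file, key data and function names are constructed for illustration.

```python
import re

# Constructed sample: key data and comments are placeholders, not real keys.
SAMPLE = '''\
# authorized_keys for the rebooter account
from="the.controller.machine",command="/usr/bin/sudo /sbin/reboot" ssh-rsa AAAAB3placeholder== as-in-answer
command="/usr/bin/sudo /sbin/reboot" ssh-rsa AAAAB3placeholder== any-source
ssh-ed25519 AAAAC3placeholder unrestricted
restrict,from="the.controller.machine",command="/usr/bin/sudo /sbin/reboot" ssh-ed25519 AAAAC3placeholder hardened
'''

KEY_TYPES = ("ssh-", "ecdsa-", "sk-")
# One option: name or name="value"; a quoted value may hold commas, spaces and \" escapes.
OPTION = re.compile(r'([A-Za-z-]+)(?:="((?:[^"\\]|\\.)*)")?(?:,|\s+)')


def parse_options(line):
    """Return the options that precede the key type on one authorized_keys line."""
    opts, pos = {}, 0
    while not line.startswith(KEY_TYPES, pos):
        m = OPTION.match(line, pos)
        if not m:
            raise ValueError("cannot parse options in: " + line[:40])
        opts[m.group(1).lower()] = True if m.group(2) is None else m.group(2)
        pos = m.end()
    return opts


def audit(text, command="/usr/bin/sudo /sbin/reboot"):
    """Map line number -> findings for keys less restricted than the setup above."""
    report = {}
    for number, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        opts = parse_options(line)
        findings = []
        if opts.get("command") != command:
            findings.append("forced command missing or different")
        if "from" not in opts:
            findings.append("no from= source restriction")
        if "restrict" not in opts and "no-port-forwarding" not in opts:
            findings.append("forwarding not disabled")
        if findings:
            report[number] = findings
    return report


if __name__ == "__main__":
    for number, findings in audit(SAMPLE).items():
        print(f"line {number}: " + "; ".join(findings))
```
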
Other answers
The best approach would be to modify /etc/sudoers to allow for certain commands to be performed by specific users without requiring the user to authenticate themselves. Here is the documentation on the sudoers file: http://www.sudo.ws/sudo/sudoers.man.html

    tristan ALL= NOPASSWD: /sbin/reboot

This configuration would allow me (my username is tristan) to sudo reboot without typing my password. You can further limit this with the following:

    tristan 192.168.0.0/255.255.255.0= NOPASSWD: /sbin/reboot

This would allow me to sudo reboot without typing my password if I was performing the command via a network connection in the 192.168.0.0 block.

    tristan workstation= NOPASSWD: /sbin/reboot

This would allow me to call the command via a machine called workstation. I would have to have an entry in my hosts file defining what workstation is.
Tristan Irwin
The other answers are better and smarter, but just to be clear, sudo has the -S argument to allow reading from stdin. Obligatory security lecture applies: do not use *echo* or any other command that will cause the password to show up in *ps* output, and do not hard-code it in any scripts.
Andy Harrison