2

I'm sure you will find the question similar to many other posts on Stack Overflow or on the internet. However, I could not find the solution to my problem precisely. I have a list of tasks to be run on a remote server, and passing the script is OK; however, it does not suit the requirement.

I'm running the following from my server to connect to the remote server:

    ssh -t user@server << 'HERE'
      sudo su - <diff_user>
      do task as diff_user
    HERE

    ssh -tt user@server << 'HERE'
      sudo su - <diff_user>
      do task as diff_user
    HERE

With the first option (-t), I'm still not able to do sudo; it says the below:

    sudo: sorry, you must have a tty to run sudo

With the second option above (-tt), I'm getting reversed input/output to the current server session, a total mess.

I tried passing the content as a script to SSH to run on the remote host; however, I'm getting similar results.

Is there a way other than commenting out the below?

`Defaults requiretty` in the /etc/sudoers file

I have not tried the above though. I know RedHat approved it to be removed/commented out in a future version, whenever that is. If I go with this step, I will have to get the above done in 100s of VMs (moreover, I don't have permission to edit the file on the VMs and give it a try).

Bug 1020147

Hence, my issue remains the same, as before. It would be great if I can get some input from experts here :)

Additional info: Using RedHat RHEL 6, 2.6.32-573.3.1. I do have access to the remote host and once I'm in, my ID does not require a password to switch to diff_user.

simer

2 Answers

1

When you are asking this way, I guess you don't have passwordless sudo.

You can't communicate with the remote process (sudo), when you put the script on stdin.

You should rather use the ssh and su command:

    ssh -t user@server "sudo su - <diff_user> -c 'do task as diff_user'"

but it might not work. An interactive session can be initiated using expect (there are a lot of questions about it around here).

Jakuje
  • Thanks for the response, Jakuje! I need to run quite a task on the remote host, and passing it all on one line is the last idea. I do have passwordless sudo; I need to pass a password for 'user' but not for sudoing to 'diff_user' when I'm in the server as 'user'. I tried running `ssh -t user@server "sudo su - < HERE`. But it seems like an illegal use of ssh. Could you please guide? – simer Apr 19 '16 at 08:58
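
Added example, not part of the original thread: one way to run a multi-line task as diff_user without feeding it to ssh on stdin, by single-quoting the whole task into the one argument that `su -c` receives. The function names `sq_quote`, `build_remote_cmd` and `run_as` are hypothetical, and it assumes passwordless sudo as the asker describes and an interactive local terminal so that `-t` can allocate a tty.

```shell
#!/bin/sh
# Added example: send a multi-line task as ONE argument to `su -c`, so ssh's
# stdin stays attached to the terminal and -t can allocate the tty sudo wants.

# Wrap $1 in single quotes; each embedded ' becomes '\'' so the remote login
# shell reads the whole task back as a single literal word (nothing expands).
sq_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Print the command string ssh will hand to the remote login shell.
# $1 = account to switch to, $2 = task text (may span several lines).
build_remote_cmd() {
    case $1 in
        ''|-*|*[!A-Za-z0-9._-]*)
            echo "refusing unsafe user name: $1" >&2
            return 2 ;;
    esac
    printf 'sudo su - %s -c %s' "$1" "$(sq_quote "$2")"
}

# run_as user@server diff_user "$task"   (defined here, not invoked below)
run_as() {
    remote_cmd=$(build_remote_cmd "$2" "$3") || return
    ssh -t "$1" "$remote_cmd"
}

# Constructed sample task: quotes, a variable and a command substitution that
# must reach diff_user's shell untouched.
task='cd "$HOME" && echo "it'\''s $(id -un)"
tail -n 5 app.log'

# Show what would be sent; no connection is made.
build_remote_cmd diff_user "$task"
echo
```

When no local terminal exists (for example under cron), `-t` alone does not allocate a tty and `-tt` is needed in `run_as`.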
0

I was trying to connect to another machine in an automated fashion and check some logs only accessible to root/sudo.

This was done by passing the password, server, user, etc. in a file — I know this is neither safe nor good practice, but this is the way it will be done in my company.

I have several problems:

  • tcgetattr: Inappropriate ioctl for device;
  • tty related problems that I don't remember exactly;
  • sudo: sorry, you must have a tty to run sudo, etc.

Here is the code that worked for me:

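    #!/bin/bash
    # Read connection details from lines 5-9 of the file given as $1, then
    # tail a root-only log on the remote machine through sudo.
    function checkLog(){
        FILE=$1
        readarray -t LINES < "$FILE"
        machine=${LINES[4]}
        user=${LINES[5]}
        password=${LINES[6]}
        fileName=${LINES[7]}
        numberOfLines=${LINES[8]}

        # Unquoted heredoc: the variables expand locally before the command is sent.
        # sudo -S reads the password from stdin (the here-string).
        IFS='' read -r -d '' SSH_COMMAND <<EOT
    sudo -S <<< '$password' tail $fileName -n $numberOfLines
    EOT

        RESULTS=$(sshpass -p "$password" ssh -tt "$user@$machine" "${SSH_COMMAND}")
        echo "$RESULTS"
    }

    checkLog "$1"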
James Risner