0

I'm trying to write a script so that it can be called by one user and is executed as another user. I thought that setuid might be able to do this so I enabled setuid using chmod u+s with the owner of the script being user1. I call the script (which only contains whoami right now) as user2 and it still shows user2 instead of user1. How can I make this be user1.

-- My end result is I want one user to be able to call this script and have it ssh into another server and execute a command as another user.

Paul
  • 13
  • 3

2 Answers2

0

Sounds like you need a third user in your security model, who can run the program, but is otherwise unprivileged. This third user is an assumable identity for a number of users so they can run the process on the remote server.

Josh Wulf
  • 4,727
  • 2
  • 20
  • 34
0

You can copy that user's key (id_rsa) and pass it to ssh when connecting to the server:

ssh -i user1_id_rsa user1@server

However, this is rather a bad solution, security-wise. Adding the user's key to the authorized keys on the server, as I said in the comment, is the proper way to do it, and you should really look into that.

Michał Wojciechowski
  • 2,480
  • 15
  • 9