Need ideas: moving stuff to server

[Bill Campbell]

On Sat, May 14, 2005, Michael Hipp wrote:
>David A. Bandel wrote:
>>Don't make is easy, do you?  But if you can ssh in then become root,
>>what's the difference?  If you're worried about dictionary attacks
>>against ssh as root, why not just disable password logins and only allow
>>via authorized_keys?  That would fix several problems in one step.
>
>I don't allow password logins nor do I allow root login. Only to bona 
>fide users and only with private keys. Forces the attacker to know a 
>*lot* to even begin to mount an attack.
>
>>Otherwise, I'd say you need to get a root key from the other system onto
>>your box as an authorized key, then put a script (mynewfile.sh) on the
>>other box that would take as arguments:  your IP, script name (full
>>pathed on your box), path where you want the script to go, permissions
>>for file.  Then just: ssh server mynewfile.sh mybox /home/me/myscript
>>/etc/init.d/myscript 755 <enter>
>
>Ok, I can imagine a script that does such. But how do I cross the "su" 
>barrier. I issue a command on the client that starts a script on the 
>server with several params sent across. But the script is running as me. 
> How I enable it to do su things automatically?

man sudo

Bill
--
INTERNET:   bill at Celestial.COM  Bill Campbell; Celestial Systems, Inc.
UUCP:               camco!bill  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

If you think health care is expensive now, wait until you see what it coses
when it's free -- P.J. O'Rourke