login about faq

We have the RSA Keys setup so that both the user1 (local user) and user2 ID’s will work without a password as long as the scripts are run as user1. The issue is that when the perl script runs it does not recognize that user1 ran the script and the RSA key setup does not allow just anyone to execute.

How could I set up the key so any one can execute my script?

Thanks,

asked Jun 01 '10 at 14:42

Anonimous's gravatar image

Anonimous
111

edited Sep 03 '10 at 09:40

Ville%20Laurikari's gravatar image

Ville Laurikari ♦
131129


If I'm understanding this correctly you want to share the keys on one host so multiple users on that host can use it for authentication.

You don't mention which operating system you're using, but on Linux (or any unix) you can

  • create a group, say "keyusers"
  • add each user who needs to use the keys to that group
  • create a keypair, put the private key in a shared location, for example "/etc/ssh2/shared-keys/key1"
  • chgrp the private key file to the keyusers group
  • make sure group members have read access to the private key

Then, in your perl script, use the "--identity-key-file=/etc/ssh2/shared-keys/key1" command line option to make the sshg3 or scp3 commands use the shared public key.

On Windows, you can achieve the same with a local user group and access control lists for the key files. The particulars are different but the general idea is the same.

Security notice: Group members have read access to the public key file. Therefore, they are able to copy the private key and do whatever they want with it, such as give it to a user who is not in the group.

A more secure way to achieve a similar thing is to use "host-based" authentication - please refer to the manual for more information.

link

answered Sep 03 '10 at 09:40

Ville%20Laurikari's gravatar image

Ville Laurikari ♦
131129

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×54
×6

Asked: Jun 01 '10 at 14:42

Seen: 4,025 times

Last updated: Apr 01 '11 at 18:22

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.