Windows, Net::SSH: how do I send a password to sudo?


J

James Dinkel

I'm establishing an ssh connection and then I want to run a command as
sudo. Now, normally, the user will be prompted to put in a password to
run the command as sudo.

Here is my script:
-----------
Net::SSH.start( 'files02', 'myuser', 'mypassword' ) do |session|
session.open_channel do |channel|
channel.on_data do |ch, data|
puts data
end

channel.exec "sudo echo \"hello\""

end

session.loop
end
 
Ad

Advertisements

J

Jonathan Hudson

I'm establishing an ssh connection and then I want to run a command as
sudo. Now, normally, the user will be prompted to put in a password to
run the command as sudo.

Here is my script:
-----------
Net::SSH.start( 'files02', 'myuser', 'mypassword' ) do |session|
session.open_channel do |channel|
channel.on_data do |ch, data|
puts data
end

channel.exec "sudo echo \"hello\""

end

session.loop
end
------------

But this doesn't prompt for a password ( not surprisingly ) and of
course doesn't run the command. Any ideas on how I could get the
password prompt to the user?

a. Add user / command to /etc/sudoers, so a pasword is not required;

b. Ask for the password in your script, and then
channel.exec "echo #{password} | sudo -S echo \"r00ted\"".

In the latter case, don't blame me when you later suffer from a severe
case of unexpected local user privilege escalation.

-jh
 
J

James Dinkel

Jonathan said:
a. Add user / command to /etc/sudoers, so a pasword is not required;

b. Ask for the password in your script, and then
channel.exec "echo #{password} | sudo -S echo \"r00ted\"".

In the latter case, don't blame me when you later suffer from a severe
case of unexpected local user privilege escalation.

-jh

ah yeah, I thought of the echoing in from stdin after I posted the
question. I don't see what you mean by "suffer from a severe case of
unexpected local user privilege escalation" though.
 
J

Jonathan Hudson

ah yeah, I thought of the echoing in from stdin after I posted the
question. I don't see what you mean by "suffer from a severe case of
unexpected local user privilege escalation" though.

Occurred to me that there is a chance of the password being visible
via ps or such.

-jh
 
J

James Dinkel

This isn't working. It seems to be having a problem with the pipe. I
think I'll have to figure out how to send stdin into a channel (I seem
to remember seeing something about this in the net-ssh docs).
 
J

James Dinkel

James said:
This isn't working. It seems to be having a problem with the pipe. I
think I'll have to figure out how to send stdin into a channel (I seem
to remember seeing something about this in the net-ssh docs).

for the life of me I still can not get this to work. The pipe actually
seems to work fine for other commands I tried (just to see) but not with
sudo. What's the deal?!
 
Ad

Advertisements

E

Eric Hodel

for the life of me I still can not get this to work. The pipe
actually
seems to work fine for other commands I tried (just to see) but not
with
sudo. What's the deal?!

Don't send a password to sudo via a pipe.

Change the sudoers file instead to allow your user to sudo without a
password.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top