[ale] ssh / sudo file transfer?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Dec 5 17:23:55 EST 2007


On Wed 2007-12-05 16:39:24 -0500, Jeff Lightner wrote:

> I'm wondering if anyone has successful pipeline for such file
> transfers or some other solution that does not require me to enable
> ssh trusts 

You can avoid the key-based setup but still only do one OpenSSH
authentication by using OpenSSH's Session Multiplexing features
(i.e. the ControlMaster and ControlPath options).

> for the user or to setup special sudo commands.

If sudo requires the user to enter their password for every command,
you might be SOL.  OTOH, if it caches authentication for a limited
period of time (and doesn't limit the cache to one controlling
terminal) then you could use sudo's authentication caching with a
simple "sudo -v" in the first connection made (which also sets up the
ControlPath socket).  Then while that connection is held open, you
could slide the tarball through on a second (multiplexed) session.

You'll probably run into some trouble figuring out how to get the
timing right (the second session should only start up after the user
has successfully authenticated with sudo -v), but the basic principle
should be sound.

       --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available




More information about the Ale mailing list