Discussion:
[Fab-user] How to do two-step ssh with sudo user
Hanks
2015-02-17 07:18:46 UTC
Permalink
​Hi,

I want to implement command below:

localhost->host1->host2

1. ssh host1 [from localhost]
2 .sudo -u superuser ssh host2 [from host1]
3. command [from host2]

How to use fabfile to do things like that. I find gateway can jump from
localhost to host2, but how to transfer sudo user in host1.

Thank you for your time.
​
Jeff Forcier
2015-02-20 20:57:54 UTC
Permalink
Hi Hanks,

You should look into using ProxyCommand for that; the native gateway
in SSH does lower level networking to perform the bridge so it's not
able to do anything like escalating permissions or reading files on
the gateway. (I assume your need here is to leverage credentials only
present on the gateway?)

See http://docs.fabfile.org/en/1.10/usage/execution.html?highlight=proxycommand#leveraging-native-ssh-config-files

Best,
Jeff
Post by Hanks
Hi,
localhost->host1->host2
1. ssh host1 [from localhost]
2 .sudo -u superuser ssh host2 [from host1]
3. command [from host2]
How to use fabfile to do things like that. I find gateway can jump from
localhost to host2, but how to transfer sudo user in host1.
Thank you for your time.
_______________________________________________
Fab-user mailing list
https://lists.nongnu.org/mailman/listinfo/fab-user
--
Jeff Forcier
Unix sysadmin; Python/Ruby engineer
http://bitprophet.org
Loading...