0

I try to run a local script on multiple remote servers as root. I don't have su to root on those but just can run root commands using sudo. So far I tried:

for host in $(cat hosts_list); do ssh -tt $host "echo mypassword | sudo bash -s" < ./myscript.sh

And in myscript.sh there is something like:

echo "test test123" >> /etc/tests
exit 0

But it looks like not working and won't change the file. What is the proper way to run this script as root and without typing password separately for each host?

JavaRed
  • 708
  • 4
  • 10
  • 34

1 Answers1

0

Ok, then why do you "echo mypassword" ?

Can't you add your SSH account to the sudoers file with NOPASSWD ?

From man sudoers:

 authenticate      If set, users must authenticate themselves via a password (or other means
                   of authentication) before they may run commands.  This default may be
                   overridden via the PASSWD and NOPASSWD tags.  This flag is on by default.
SegFault
  • 1,097
  • 1
  • 14
  • 14
  • I know I can run a local script on remote server like indicated here: http://serverfault.com/questions/617116/run-local-script-over-ssh But the thing is in above example root access to the server is allowed. In my environment it is not. So I need to run my local script with sudo and just wanted to know if it would be possible without typing a password for each host separately – JavaRed Mar 07 '17 at 00:46
  • Ok, I didn't get the point at first. I hope this can solve your problem. – SegFault Mar 07 '17 at 01:09
  • I can already connect remote server passwordless using my own user. But root access nor su - not allowed. So I need to find a way to run my local script using sudo and not typing my sudo password every time because I need to do it for more than 300 servers. – JavaRed Mar 07 '17 at 01:19
  • 1
    That sounds to be exactly the purpose of `NOPASSWD` tag in sudoers. – SegFault Mar 07 '17 at 08:23
  • @JavaRed The sudoers file has *nothing* to do with `ssh`; editing this eliminates the need to type your password for the `sudo` command. (That said, completely eliminating the need for a password is probably overkill; you should try to configure `sudo` to only run this particular command without a password.) – chepner Mar 07 '17 at 12:32