cat user_public_key.pub | ssh root@<host> "cat | su -c 'mkdir -m 700 -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys' <user>"

having root on server, add user's public key to his keys (no password required)


-2
By: noisy
2016-05-09 08:48:40

These Might Interest You

  • You will be prompted for a password unless you have your public keys set-up.


    1
    rsync -av -e ssh user@host:/path/to/file.txt .
    root · 2009-01-26 13:39:24 1
  • Connect EC2 server with public keys "/root/.ec2/id_rsa-gsg-keypair" or "/root/.ec2/keypair.pem"


    -2
    rsync -avvvz -e "ssh -i /root/.ec2/id_rsa-gsg-keypair" --archive --progress /root/.ec2/id_rsa-gsg-keypair root@ec2-75-101-212-113.compute-1.amazonaws.com:/root
    lalit241 · 2010-01-22 17:21:58 0
  • Connect EC2 server with public keys "/root/.ec2/id_rsa-gsg-keypair" or "/root/.ec2/keypair.pem"


    -2
    rsync -avvvz -e "ssh -i /root/.ec2/id_rsa-gsg-keypair" --archive --progress /root/.ec2/id_rsa-gsg-keypair root@ec2-75-101-212-113.compute-1.amazonaws.com:/root
    svnlabs · 2010-01-22 16:53:42 0
  • It grabs all the database names granted for the $MYSQLUSER and gzip them to a remote host via SSH.


    6
    for I in $(mysql -e 'show databases' -u root --password=root -s --skip-column-names); do mysqldump -u root --password=root $I | gzip -c | ssh user@server.com "cat > /remote/$I.sql.gz"; done
    juliend2 · 2010-03-07 15:03:12 1
  • If you frequently need to connect to your ubersecure mainframe from various uberunsafe machines, you have to face difficult decision: (a) type the password everytime during the session (lame), (b) add local public key to mainframes authorized_keys file (unsafe), (c) as above, but remove this key at the end of the session (pain in the a55). So let's say you save The Command to tempauth file in bin directory of your mainframe's account and make it executable. Then, while you're on one of these unsafe ones, do: cat $HOME/.ssh/id_rsa.pub|ssh 5z474n@mainframe.nl bin/tempauth 30 and password prompts stop the harassment for 30 minutes and you don't have to care to remove the unsafe key after that.


    1
    Keys=$HOME/.ssh/authorized_keys;Back=$Keys.tmp.bak;Time=${1:-15};cp $Keys $Back;cat /dev/stdin >>$Keys;echo mv $Back $Keys|at now+${Time}minutes;
    5z474n · 2009-07-15 23:45:02 0
  • In my work environment, we log onto the servers as our user ('user', in the sample ouput), and 'sudo su - root' to other accounts. This trick allows us to return the account name we logged in as -- and not the account name we currently are ('root', in this example). Using this trick, you can build other commands: Set your CVSROOT env variable to your account name: CVSROOT=$(who am i | awk '{print $1}')@cvs.server.example.com:/cvsroot SCP a file to another server: scp file.txt $(who am i | awk '{print $1}')@some.other.server.com:. This works out great in my environment, as we can include this in our documentation and make the comands more easy to copy/paste for different users, and not have to set all sorts of variables, or modify the docs for each user. whoami gives you the name of the user you currently are, not the user you logged on originally as. who gives you a listing of every single person logged onto the server. who am i gives you the name of the user you logged on as, and not who you changed to with su. Look at the following scenario: whoami user su - # whoami root # who am i user pts/51 2009-02-13 10:24 (:0.0) whoami != who am i Show Sample Output


    -18
    who am i
    ozymandias · 2009-02-20 16:26:11 9

What Others Think

First of all, this requires SSHD to be running with PermitRootLogin Yes in /etc/ssh/sshd_config which is off by default on most servers these days. People use sudo for best practice or just su - at least. This command looks a little dangerous. I don't have a sandbox server/VM to test it on at the moment but it looks like you'd want to specify ~USER/.ssh/authorized_keys instead of ~/.ssh/authorized_keys. Same for ~user/.ssh/authorized_keys of course. I think you might have the order of parameters mixed up. You have to do su -c ... NOT su -c ...
sonic · 105 weeks and 5 days ago
Oh right, this reads HTML.. you have to do: su - user -c .. not su -c ... user
sonic · 105 weeks and 5 days ago
too many cats
mpb · 103 weeks and 2 days ago
(or her keys)
trissypissy · 101 weeks and 6 days ago

What do you think?

Any thoughts on this command? Does it work on your machine? Can you do the same thing with only 14 characters?

You must be signed in to comment.

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands



Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: