[ale] service user vs no login user and ssh into it

[Scott Plante]

I'm not sure if this will solve your problem, but it may. Also I've been using ssh keys for years and only just learned you can supply commands in your authorized_keys file, and only that command will be executed, which I found to be pretty cool. I suspect this may be true even if /bin/false or /sbin/nologin is the user's shell but I haven't tried it. Of course you can always just make the shell bash but the password a newly generated uuid that you don't record anywhere. 


https://research.kudelskisecurity.com/2013/05/14/restrict-ssh-logins-to-a-single-command/ 


Scott Plante 


----- Original Message -----

From: "Narahari 'n' Savitha" <savithari at gmail.com> 
To: "Atlanta Linux Enthusiasts - Yes! We run Linux!" <ale at ale.org> 
Sent: Tuesday, July 25, 2017 11:57:24 AM 
Subject: [ale] service user vs no login user and ssh into it 


Friends: 


I want to create a user called myansible. 


This user will have sudo rights (have to enter password) 


However I want to set it up as a NO-LOGIN user. Its only purpose is to run deployments and thats it. 


The question is if it cannot login how can I put the .ssh/authorized_keys so I can run stuff over ssh (Read ansible) ? 


Am I missing something ? 


-Narahari 
_______________________________________________ 
Ale mailing list 
Ale at ale.org 
http://mail.ale.org/mailman/listinfo/ale 
See JOBS, ANNOUNCE and SCHOOLS lists at 
http://mail.ale.org/mailman/listinfo 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170725/8e8bde95/attachment.html>