Could some of the more specific options in the authorized_keys file help? On the second server you could use the command="privileged command" option (man sshd, look for AUTHORIZED_KEYS FILE FORMAT). So you'd be setting up passwordless ssh with a particular key, but that key would be running a single command and then exiting.

Sean

On Thu, Mar 5, 2015 at 2:33 PM, Kevin McGregor <kevin.a.mcgregor@gmail.com> wrote:

I'm using Solaris 11.2. I can do this:

logon with an unprivileged account which is allowed to take on the 'root' role
su
type password
run privileged command
end the su

This works fine. The privileged command I want to run, though, is to SSH to another system with the same account and run the command *there* as the remotely privileged account/role, all from a script and without (obviously) having to type a password anywhere.

I've figured out how to do all this IF root is *not* a role and is a regular account. How do I do it while leaving root as a role?

Kevin

_______________________________________________
Roundtable mailing list
Roundtable@muug.mb.ca
http://www.muug.mb.ca/mailman/listinfo/roundtable

Sean Walberg <sean@ertw.com> http://ertw.com/