I have a script that logs into a remote host via ssh -t
and uses sudo service foo restart
.
The requirement is to avoid the prompt for a password on the remote host. The remote host authenticates via SSH certificate. The sudoers
file on the remote host allows that user to execute the service command with NOPASSWD
.
However, during my tests, I'm prompted for a password and this is unacceptable. If I run this manually without the -t
flag, it works. However the -t
flag throws everything off.
Is there a way around this?
Best Answer
Maybe disabling the
requiretty
option insudoers
and runningssh
without the-t
flag (or with-T
) works.Add something like this to
sudoers
(untested):Combine that with the
NOPASSWD
you're already using and you should be able to run the sudo command without a pseudo-tty allocated.You could also change
requiretty
for the command instead of the user.