[paramiko] automated public key auth as another user

Powell, Joe joe.powell at lmco.com
Fri Sep 28 07:19:44 PDT 2007 

Todd,

Thank you for responding. Please pardon me if I am being dense. How do I
create a "specified user's key" (as you state below) without creating
that user? Here is my scenario:

A. I am user "Joe".
B. I want to login to box 10.1.1.100 as user "Bob" without having to
create a user named "Bob" on my box.
C. I append Joe's public key ~/.ssh/id_rsa.pub to
/home/Bob/.ssh/authorized_keys on 10.1.1.111. (I log in to 10.1.1.111
without a password as Joe.) 
D. In my paramiko script, I am unable to log in to 10.1.1.111 as Bob
using Joe's private key file, i.e.
auth_publickey('Bob','/home/Joe/.ssh/id_rsa').

The best I can do is:
A. Create user Bob and a key for it on my box.
B. Copy the key to Joe's .ssh directory as something like 'Bobs_id_rsa'.
C. Append Bob's public key /home/Bob/.ssh/id_rsa.pub on my box to
/home/Bob/.ssh/authorized_keys on 10.1.1.111.
C. Specify Bob's private key, e.g. /home/Joe/.ssh/Bobs_id_rsa, in the
script. This works but it means I have to create Bob.

Please help me see what I am missing. 

Regards,
Joe 

-----Original Message-----
From: Todd Whiteman [mailto:toddw at activestate.com]
Sent: Thursday, September 27, 2007 4:05 PM
To: Powell, Joe
Cc: paramiko at green.lag.net; Smith, T; Valencik, Kenneth; Nonamaker,
William T
Subject: Re: [paramiko] automated public key auth as another user

Powell, Joe wrote:
> Hello. First, I would like to thank you for developing paramiko. My 
> question is, using paramiko, how can I login to a system using public 
> key (passwordless) authentication as another user without having to 
> create that user on my system.

You should never have to create the user on the local machine in order
to log into a remote machine. That sounds strange.

 > I have copied another user's private key
> to my ~/.ssh folder with a name such as "another_user.id_rsa" and 
> successfully used that as the private key to log in as "another_user",

> but I had to create "another_user" and its key first. I am writing a 
> script in which I need to log in to numberous different systems each 
> with a different userid--and I would much prefer to not have to create

> each of these userids on my system just so I can create a key for it.
> It is specified that WE must initiate all transfers, so it is not a 
> solution for them to give us their key and login to our system.
>  
> Thank you for any help you can provide.
> Regards,
> Joe Powell
> 

If you download the paramiko zip file, you'll notice that it contains a
demos subfolder with the file "demos/demo.py", which demonstrates how to
use SSH keys to log in to a remote system. Paramiko lets you choose
which SSH keys to load, so it should be quite straight forward to load
the specified user's key and then log in to the remote system for that
particular user.

Cheers,
Todd

More information about the paramiko mailing list