sudo over ssh magic

  |   Source


you have a datacenter full of Ubuntu Servers. 


you are the guy with sudo rights.


you need to run a command on all those servers, 
but this command needs to run with superuser privileges.


you didn't tweak your /etc/sudoers to allow 
this command to run without a password.


you try this: ssh $host sudo command_to_run


this will ask you always for your sudo password
and it is echoing your password to your output device


there is hope!


ssh -t -t -t $host sudo -S command <<EOF
<enter your password here>

Preferences for this to work:
  1. ssh authentication via public key without a passphrase (you have an account for such purposes with a holy secret ssh key without a passphrase)
  2. you are sitting alone in front of your workstation to enter your sudo password without anyone seeing it.

  1. ssh $host sudo command
    will echo the sudo  password back to your terminal, this is nothing you want
  2. ssh -t forces the allocation of a pseudo-tty (read ssh(1) )
  3. ssh -t -t -t forces the allocation of a tty allocation, even if ssh has no local tty (read ssh(1) )
  4. sudo -S causes sudo to read the password from stdin instead of the terminal device
  5. ssh -t -t -t $host  in combination with sudo -S <command> <<EOF\nyour password\nEOF\n
    is what you really need, to execute a sudo command on a remote host over ssh.


You have a file with a list of IPs or hostnames for remote hosts you need to do something on with sudo.
A little script like the following will help you here:


for i in cat ip.lst ; do 
     ssh -o ConnectTimeout=5 -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -t -t -t ${i} "sudo -S command <<EOF
<your password>