Hide Forgot
Business Case: Customer (due to security reasons) wants to have the PermitRootLogin parameter in /etc/ssh/sshd_config on a host machine set to false - however this disables remote execution, since even if effective user is a non-root user, Satellite connects to the root user on the client machine. Customer would like to have an option to remotely execute commands as a non-root user, completely avoiding using root. Technical Requirements: PermitRootLogin parameter in /etc/ssh/sshd_config on a client machine could be set to false Additional information: n/a
Bug 1376772 raises a similar concern. Comment 4 references the following documentation: https://access.redhat.com/documentation/en/red-hat-satellite/6.2/paged/host-configuration-guide/113-configuring-global-settings Would that support the customer's need?
Afaik, no - the effective user option is only like a "mask" - it still connects to root. If you disable root login on host machine (which is what they want to do), remote execution will not work at all.
There are two options there: remote_execution_ssh_user and remote_execution_effective_user. The `remote_execution_ssh_user` should allow to use non-root user for the remote execution. Can you confirm we are talking about this option?
The "remote_execution_ssh_user" option worked, thank you!