I would like to make a script which can maintain multiple servers via SSH. I want to control the authentication/authorization in such a manner that authentication is done by a gateway and any other access is routed through this ssh server to internal services without any further authentication/authorization requirements.
So if a user A can log into server_1, for example, he can then ssh to server_2 without any other authentication and do whatever he is allowed to do on server_2 (like shut down mysql, upgrade it and restart it. This could be done via some remote shell script).
The problem that I am trying to solve is to come up with a deployment script for a JavaEE system which involves databases and tomcat instances. They need to be shut down and re-spawned. The requirement is to have a deployment script which has as little human interaction as possible for both developers and operations.
You should not re-invent the wheel here or you will only make more work for yourself in the long run and introduce new security issues. The two options that come to mind are:
ssh-agent on the client and Agent Forwarding allowed to the final destinations such that you can SSH from one to the next based on your locally unlocked keys.
As you are using ssh, you should take a look at ssh key based authentication and the use of ssh-agent. If you use something like PuTTY and pageant then you can just load the private key into pageant and use it to authenticate wherever the relevant public key is.
If you do manage to get everything automated then it's possible to restrict the use of the key to certain commands too.
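Restricting a key to certain commands, as mentioned above, is done in OpenSSH with the `command="..."` option in `authorized_keys`. The wrapper below is an added example, not code from either answer; the script path, the action names, the systemd unit names and the presence of a matching passwordless sudoers rule for the deploy user are all assumptions.

```shell
#!/bin/sh
# Added example: forced-command gate for a deployment key.
# Assumed install path /usr/local/bin/deploy-gate.sh, referenced from the
# deploy user's ~/.ssh/authorized_keys on each target (key is a placeholder):
#   restrict,command="/usr/local/bin/deploy-gate.sh --run" ssh-ed25519 <PUBLIC-KEY> deploy
# sshd then ignores whatever the client asked to run and starts this script,
# passing the client's request in SSH_ORIGINAL_COMMAND.

# Map a requested action name to the fixed command it may trigger.
# Prints the command and returns 0, or prints nothing and returns 1.
# Action names and systemd unit names are assumptions for illustration.
resolve_action() {
    case "$1" in
        stop-mysql)     echo "systemctl stop mysql" ;;
        start-mysql)    echo "systemctl start mysql" ;;
        restart-tomcat) echo "systemctl restart tomcat" ;;
        *)              return 1 ;;
    esac
}

# Exact-match only: "stop-mysql; id" or "stop-mysql extra" match no pattern
# and are refused, so nothing from the client ever reaches a shell.
gate() {
    request="${SSH_ORIGINAL_COMMAND:-}"
    if cmd=$(resolve_action "$request"); then
        logger -t deploy-gate "allowed: $request" 2>/dev/null || true
        # $cmd comes from the fixed table above, so word splitting is safe.
        exec sudo -n $cmd
    fi
    logger -t deploy-gate "denied: $request" 2>/dev/null || true
    echo "deploy-gate: request not permitted" >&2
    return 1
}

# Only act when invoked as the forced command (see authorized_keys line).
if [ "${1:-}" = "--run" ]; then
    gate
    exit $?
fi
```

With this in place the deployment script calls `ssh deploy@server_2 restart-tomcat`, and a stolen or forwarded key can trigger only the listed actions, with no shell, PTY or port forwarding.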