I am looking for a way of seamless ssh in a way that when user does ssh through shell, it will be disallowed (or normal rules apply) but if a process (non-interactive) tries to ssh with the same user should be allowed without password. May be some keys generated by the root of the server for users coming with some extra inputs.
Please help.
best way to do this is to have a dedicated ssh key for each process that requires access, make sure that no other user has permissions on the private keys.
Each process should have it's own key so that if any key is comprimised you only have to change one processes setup rather than each one that uses the key.
If you don't want ssh prompting for a password you can use
ssh -o "PasswordAuthentication=no" user@host
This will silently fail if no other authenication succeeds (ie public key) and no prompt will be given
