ssh tip From: Frido Ferdinand <[EMAIL PROTECTED]> Just discovered a neat trick to using ssh-key authentication in a nice way, this will let you connect to remote hosts without typing in your password all the time. It's also very convienient to make (perl) scripts connect to remote hosts without using scary .rhosts/rsh combinations. To use this just do the following: 1 Install ssh --------------- You can get the source from: ftp://ftp.cs.hut.fi/pub/ssh/ or RPMS from: ftp://ftp.replay.com/pub/crypto/linux/redhat/i386/ 2 Run ssh-keygen ---------------- ssh-keygen - authentication key pair generation Run it and use a good long passPHRASE. (phrase not word) 3 Edit .xinitrc --------------- Put in your .xinitrc ssh-agent in front of the command for example # Window Maker default X session startup script PATH="$PATH:/usr/X11R6/bin" exec /usr/local/bin/ssh-agent wmaker exec /usr/local/bin/xscreensaver -no-splash & I think that if you use xdm you should edit your .xsession file. Now every time you start up ssh-agent, the program that will manage your ssh-keys, will start up in the background. 4 Run ssh-add ------------- When you're in X just type in your favourite terminal, ssh-add It'll ask you for the passphrase of your key, type it in and your private key will be loaded in memory. 5 Authorize the remote host --------------------------- Now on the host to which you want to connect, do the following: copy the contents of the generated public key (.ssh/identity.pub) to the "authorized_keys" file on the remote host. Be sure to set the permissions of this file to 600. Now connect to your remote host with: ssh remote-host. If everything goes well you won't need to type in your password but still have a good secure authentication scheme. 6 Examples ---------- Run command 'ls' on remote host: ssh remote-host ls The ssh-agent uses two environment variables: set | grep SSH gives SSH_AGENT_PID=10953 SSH_AUTH_SOCK=/tmp/ssh-frido/ssh-10952-agent In your perl script put: $ENV{"SSH_AGENT_PID"} = 10953; $ENV{"SSH_AUTH_SOCK"} = "/tmp/ssh-frido/ssh-10952-agent"; And you can do: $output=`ssh -q remote-host ls` print $output I normally use this to call other scripts. This way you can have one script which accesses multiple servers !
begin:vcard n:Binkley;Robert x-mozilla-html:TRUE org:;DCFS adr:;;;;;; version:2.1 email;internet:[EMAIL PROTECTED] title:HP-ADMIN x-mozilla-cpt:;6304 fn:Robert Binkley end:vcard
