There's a piece of Nagios called "nrpe" that does this right out of the box. You don't need to use it with Nagios though. It's a client-server remote command mechanism that returns a status message based on the result of the request.
It has a number of protections that make it more secure than an adhoc solution, since you can explicitly define the scope of the requests on the remote end, where they can come from, etc. The client sends a specific request and gets a response message back. The server side runs either as a standalone daemon, or under inetd. No encryption of the messages though, at least not in the version I'm using. Doc is in sourceforge, IIRC. > -----Original Message----- > From: Linux on 390 Port [mailto:[EMAIL PROTECTED] Behalf Of > James Melin > Sent: Tuesday, February 08, 2005 11:37 AM > To: [email protected] > Subject: Re: [LINUX-390] Using ssh to execute a command on another > system > > > I would tend to agree, but this is not for the unwashed > masses - I really > don't have any. This is just for the linux box under my desk to go > interrogate our websphere servers and report back to me what they are > doing. Nothing terribly fancy. Actually it's gonna be quite > ugly since I'm > writing it in either shell script or rexx. > > > > > "Kielek, Samuel" > <[EMAIL PROTECTED] > rriott.com> > To > Sent by: Linux on [email protected] > 390 Port > cc > <[EMAIL PROTECTED] > IST.EDU> > Subject > Re: Using ssh to > execute a command > on another system > 02/08/2005 10:18 > AM > > > Please respond to > Linux on 390 Port > <[EMAIL PROTECTED] > IST.EDU> > > > > > > > If you implement kerberos, you could continue to use rexec, rsh, rcp, > telnet, ftp, etc. and it would be secure since the kerberized versions > encrypt the traffic. This is sometimes easier to implement and control > than a ssh approach as it is familiar to the users since they get to > continue doing things essentially as they always have. > > Sam Kielek > Marriott International > > -----Original Message----- > From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of > Alan Altmark > Sent: Tuesday, February 08, 2005 11:07 AM > To: [email protected] > Subject: Re: Using ssh to execute a command on another system > > > On Tuesday, 02/08/2005 at 09:38 CST, James Melin > <[EMAIL PROTECTED]> wrote: > > Got a question about ssh.... > > > > rexec provides an ability to execute a command on a remote > system and > pass > > the ID/Password on the command line. This prevents the session from > > prompting for a password. > > > > e.g: rexec -l username -p password hostname command > > > > the problem with rexec , of course, is that it is unsecure. > > It is unsecure if it flows over the open network. If it remains on a > virtual network connection, it remains secure. > > > What I am looking to do is to ssh to a specific linux, execute a > command, > > capture the output of that command, parse that output and set some > > variables and write out a 'status page' html file. I do not know how > to > > handle being asked for a password in a shell script. > > A remote system could enter a VM system with https, > authenticate at that > level, and then request REXECs. > > Just pointing out that there are multiple ways to solve the > problem. (I > happen to like SSH, but there are other solutions, too.) > > Alan Altmark > z/VM Development > IBM Endicott > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to [EMAIL PROTECTED] with the message: INFO > LINUX-390 or > visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to [EMAIL PROTECTED] with the message: INFO > LINUX-390 or > visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to [EMAIL PROTECTED] with the message: INFO > LINUX-390 or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > -------------------------------------------------------- If you are not an intended recipient of this e-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute it. Click here for important additional terms relating to this e-mail. http://www.ml.com/email_terms/ -------------------------------------------------------- ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
