Thanks, Mark. I'll look into it. I went with the peon user route. It has
the minimal set of privs to do what is needed. So far, things are going
swimingly. The methodolgy I'm using is at this point ugly, but it is
straight forward.
"Post, Mark K"
<[EMAIL PROTECTED]
m> To
Sent by: Linux on [email protected]
390 Port cc
<[EMAIL PROTECTED]
IST.EDU> Subject
Re: Using ssh to execute a command
on another system
02/08/2005 11:22
AM
Please respond to
Linux on 390 Port
<[EMAIL PROTECTED]
IST.EDU>
James,
Others have already told you about using key pairs, but no one has
addressed
the security implications of an account that requires no password and no
passphrase to access your system. You might want to create a special
no-privilege user account for this. You really don't want someone tripping
over this if the account has root privileges, for instance (nor do _you_
want to make a mistake with such an account).
If you're looking for a low-cost/no-cost monitoring tool, you might want to
consider Big Brother (I can see Rich Smrcina smiling right now). It can do
a whole lot of stuff without having to write anything.
Mark Post
-----Original Message-----
From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of James
Melin
Sent: Tuesday, February 08, 2005 10:39 AM
To: [email protected]
Subject: Using ssh to execute a command on another system
Got a question about ssh....
rexec provides an ability to execute a command on a remote system and pass
the ID/Password on the command line. This prevents the session from
prompting for a password.
e.g: rexec -l username -p password hostname command
the problem with rexec , of course, is that it is unsecure.
ssh also allows command line invocation of a command on a remote system.
This is good, in that it will do the authentication encrypted. What I do
not
know is how to do it all nice and neat from a script without being
challenged for a password.
What I am looking to do is to ssh to a specific linux, execute a command,
capture the output of that command, parse that output and set some
variables
and write out a 'status page' html file. I do not know how to handle being
asked for a password in a shell script.
I've seen some stuff about the identity file, but that really isn't making
sense to me either and certainly seems like overkill for what I'm doing.
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions, send email
to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or
visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
