Re: [PHP] Re: run remote shell script

2005-08-18 Thread Richard Lynch
On Wed, August 17, 2005 9:50 pm, Roger Thomas wrote:
 OK. I am able to setup remote key authentication between svrA and
 svrB. From svrA I can login to svrB with something like
 [EMAIL PROTECTED] www]$ ssh [EMAIL PROTECTED]

 and I can also execute a shell script like
 [EMAIL PROTECTED] www]$ ssh [EMAIL PROTECTED] /tmp/test.sh

Excellent!

If 'www' can do it in a shell, then PHP, running as 'www' can usually
do it -- though a FEW commands require an honest-to-god tty
real-login-shell connection or they refuse to run.  I think su is one
of them.

 On svrA I have a PHP script like so:
 ?
 system('ssh [EMAIL PROTECTED] /tmp/test.sh someDIR');

//Do this:
exec('ssh [EMAIL PROTECTED] /tmp/test.sh someDIR', $output, $error);
if ($error) echo "OS Error: $error\n";
echo implode("\n", $output);

This will tell you what error messages, if any, you are getting.

Most likely what is happening is that the 'www' user in PHP does not
have a true shell set up -- so 'www' has no home dir, so ssh does
not find the keys you stuck in ~/.ssh/ so you need to do something
like:

exec('ssh -i /home/www/.ssh [EMAIL PROTECTED] /tmp/test.sh someDIR', $output,
$error);

Read man ssh for more details about -i flag, but it basically
tells ssh where to find the keys it needs to use to get into svrB (and
anywhere else 'www' has access to)

I did the same thing with scp (kinda like FTP tunnelling through SSH)
and that was the thing that took me awhile to figure out.

 ?

 /tmp/test.sh on svrB is only a one liner like so:
 mkdir /tmp/$1

 I ran the script from the browser but the /tmp/someDIR is not created
 :(
 Could it be that user nobody on svrA is *not* allowed to connect to
 svrB because the public key belongs to user www ? How do I rectify
 this ?

Whoa.

First of all, you have two different 'www' users running around:
[EMAIL PROTECTED] and [EMAIL PROTECTED]

From here on, I'll specify users with @svr? so we know what we're
talking about.

If the user '[EMAIL PROTECTED]' is the one PHP runs as, then, yes,
'[EMAIL PROTECTED]' needs to have a copy of the [half-]key that currently is
owned by '[EMAIL PROTECTED]' which is what allows '[EMAIL PROTECTED]' to ssh to
'[EMAIL PROTECTED]' without supplying a password.

Though why you have a '[EMAIL PROTECTED]' user and then have '[EMAIL PROTECTED]'
running Apache/PHP is beyond my ken...

It's MORE likely that '[EMAIL PROTECTED]' really is running Apache/PHP, and you
are getting tripped up by what I outlined above.

BUT - yes, if the user running Apache/PHP doesn't have the half of the
key-pair that it needs to access srvB, then that user ain't getting
into svrB.

NOTE:
It's usually the PRIVATE key belonging to '[EMAIL PROTECTED]' that you would
have sitting in the .ssh directory for '[EMAIL PROTECTED]' and then the PUBLIC
half would be sitting in '[EMAIL PROTECTED]' .ssh directory.

IE, the presence of the PUBLIC key belonging to somebody else
([EMAIL PROTECTED]) in the file that, in theory, only '[EMAIL PROTECTED]' can
write, is how [EMAIL PROTECTED] gave permission for [EMAIL PROTECTED] to get in.

[EMAIL PROTECTED] has the PUBLIC key to [EMAIL PROTECTED], but that's okay.
It's a PUBLIC key, so anybody can safely hold it.

[EMAIL PROTECTED] has the PRIVATE key in his own .ssh directory, which only he
can access.

What you MAY have done, and which MIGHT work (or not) but seems
backwards to me:

[EMAIL PROTECTED] made a key-pair, and then handed over the PRIVATE key to
[EMAIL PROTECTED]

IF you did that, and IF that works, the risk here is that you've got a
key that is labeled as PRIVATE that has been handed out to somebody
else, which is a no-no.

And you've got a key that is labeled as PUBLIC (sitting up on
[EMAIL PROTECTED]) that you could easily someday think "Oh, it's okay to hand
this out, it's PUBLIC" but, really, *that* PUBLIC key is what is
supposed to be kept secret so that the PRIVATE key handed to [EMAIL PROTECTED]
can tie in...

 In the actual situation, I need to execute a shell script in svrB
 (from browser served by Apache on svrA) that only root can run. Please
 advise. I am getting very worried.

I'd be real worried about the script that only 'root' can run...

Set up a new user on svrB that has permission to create the
directories you need, and that's pretty much all that user can do.

Using 'root' access is just too much power.

Minimize your exposure ; Minimize your risk ; Minimize permissions

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
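
An added example (not part of the thread, and not code from any poster): one way to apply the "new user on svrB that can only create the directories you need" advice is to pin that user's key to a single forced command and validate the requested name on svrB, since `mkdir /tmp/$1` acts on whatever string arrives. The base directory `/srv/webdirs`, the wrapper path, and the key text are assumptions; the `restrict` option needs OpenSSH 7.2 or later.

```sh
#!/bin/sh
# Added example: forced-command wrapper for a dedicated account on svrB.
# The account, BASE_DIR and the install path are assumptions.
LC_ALL=C; export LC_ALL                # make the [A-Z] style ranges byte-wise

BASE_DIR="${BASE_DIR:-/srv/webdirs}"   # hypothetical parent directory

# Accept exactly one path component of 1-64 characters drawn from letters,
# digits, '_' and '-', and not starting with '-'. This rejects '/', '..',
# whitespace and shell metacharacters.
valid_dirname() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 64 ]
}

# Treat the client's request as data (a directory name), never as a command.
# Returns 2 for a rejected name, or mkdir's status otherwise. mkdir is called
# without -p, so an existing path is an error rather than silently accepted.
handle_request() {
    if ! valid_dirname "$1"; then
        echo "rejected: invalid directory name" >&2
        return 2
    fi
    mkdir -m 0750 -- "$BASE_DIR/$1"
}

# Build the authorized_keys entry that pins a public key to the wrapper.
# 'restrict' turns off PTY allocation and all forwarding; command= makes sshd
# run the wrapper regardless of what the client asks for.
authorized_keys_line() {
    case "$1" in
        /*) ;;
        *) return 1 ;;                 # wrapper must be an absolute path
    esac
    case "$1" in
        *'"'*) return 1 ;;             # a quote would break the option syntax
    esac
    printf 'restrict,command="%s" %s\n' "$1" "$2"
}

# sshd exports the client's requested command as SSH_ORIGINAL_COMMAND.
# When it is unset (no command was sent) the wrapper does nothing.
if [ -n "${SSH_ORIGINAL_COMMAND+set}" ]; then
    handle_request "$SSH_ORIGINAL_COMMAND"
    exit $?
fi
```

With such an entry in place the caller on svrA sends only the name (for example `someDIR`) as the ssh command, and sshd runs the wrapper instead of anything else the client asks for.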



Re: [PHP] Re: run remote shell script

2005-08-18 Thread Roger Thomas
Quoting Richard Lynch [EMAIL PROTECTED]:

 If 'www' can do it in a shell, then PHP, running as 'www' can usually do it

www is a Linux system user on both svrA and svrB.
On svrA, Apache runs as user nobody. I mean, this is the httpd user, where we 
defined it in httpd.conf:
User nobody
Group nobody

My bad, I should have used roger instead of www.

 //Do this:
 exec('ssh [EMAIL PROTECTED] /tmp/test.sh someDIR', $output, $error);
 if ($error) echo "OS Error: $error\n";
 echo implode("\n", $output);

I got this: OS Error: 255


 This will tell you what error messages, if any, you are getting.
 
 Most likely what is happening is that the 'www' user in PHP does not
 have a true shell set up -- so 'www' has no home dir, so ssh does
 not find the keys you stuck in ~/.ssh/ so you need to do something
 like:
 
 exec('ssh -i /home/www/.ssh [EMAIL PROTECTED] /tmp/test.sh someDIR', $output,
 $error);

In my case, user nobody (that Apache runs as in svrA), does not have a true 
shell setup. How do I create a private/public key for user nobody when I can't 
even login as user nobody (as it does not have a true shell) ?

What's my option ?

 Though why you have a '[EMAIL PROTECTED]' user and then have '[EMAIL PROTECTED]'
 running Apache/PHP is beyond my ken...

Sorry for the confusion.

 It's usually the PRIVATE key belonging to '[EMAIL PROTECTED]' that you would
 have sitting in the .ssh directory for '[EMAIL PROTECTED]' and then the PUBLIC
 half would be sitting in '[EMAIL PROTECTED]' .ssh directory.

Yes, I did that. I logged in as user www in svrA and executed ssh-keygen -t 
rsa. I then copied id_rsa.pub to svrB and called it 
/home/www/.ssh/authorized_keys. As noted, user www are system users in svrA and 
svrB.

 I'd be real worried about the script that only 'root' can run...
 
 Set up a new user on svrB that has permission to create the
 directories you need, and that's pretty much all that user can do.
 
 Using 'root' access is just too much power.

I mean, I want to execute a command in svrB where only root can do so. Like 
'shutdown' or something else.

Appreciate your advice. TIA

--
Roger


---
Sign Up for free Email at http://ureg.home.net.my/
---




Re: [PHP] Re: run remote shell script

2005-08-18 Thread Richard Lynch
On Thu, August 18, 2005 12:22 am, Roger Thomas wrote:
 Quoting Richard Lynch [EMAIL PROTECTED]:

 If 'www' can do it in a shell, then PHP, running as 'www' can
 usually do it

 www is a Linux system user on both svrA and svrB.
 On svrA, Apache runs as user nobody. I mean, this is the httpd user,
 where we defined it in httpd.conf:
 User nobody
 Group nobody

 My bad, I should have used roger instead of www.

Is 'www' a real user on either server?

What is that user allowed to do?

Does that user exist for the express purpose of doing things related
to the web-server, and nothing else?

If so, the easiest solution might be to change httpd.conf to have:
User www

It gives Apache/PHP a little more power ; which increases risk a bit

But if 'www' ONLY has permissions to do the kinds of things you want
to allow Apache/PHP to do, then that's okay.

If 'www' has lots and lots of permissions to do all sorts of things,
then it is a Bad Idea to do httpd.conf: User www

 This will tell you what error messages, if any, you are getting.

Damn!

Error 255 is not particularly enlightening, at least to me -- But I
think it indicates a problem before PHP even manages to FIND the ssh
command, not one actually trying to run it.

Somebody who knows OS error codes better than me could maybe clarify
this a bit.

 Most likely what is happening is that the 'www' user in PHP does not
 have a true shell set up -- so 'www' has no home dir, so ssh does
 not find the keys you stuck in ~/.ssh/ so you need to do something
 like:

 exec('ssh -i /home/www/.ssh [EMAIL PROTECTED] /tmp/test.sh someDIR', $output,
 $error);

 In my case, user nobody (that Apache runs as in svrA), does not have a
 true shell setup. How do I create a private/public key for user nobody
 when I can't even login as user nobody (as it does not have a true
 shell) ?

You *might* be able to use the -i /home/www/.ssh part, so long as
the nobody user can *READ* www's key files...

Though that may not be desirable.

In detail, you *COULD* create a group called 'www_nobody' and add both
'www' and 'nobody' to it, and then you *COULD* chgrp 'www_nobody'
/home/www/.ssh/ (and/or some files within that) and THEN I think the
exec() would work with the -i /home/www/.ssh because now nobody is
using www's keyring to get into whatever www can get into.

Though, at that point, maybe just changing httpd.conf to User www is
looking more attractive.

You should first try something more simple like:
exec('ls', $output, $error);
if ($error) echo "OS Error: $error\n";
echo implode("\n", $output);

just to be certain the nobody user can do *anything* with exec()

It *MAY* be a requirement that nobody has some kind of shell access
for exec() to work...  I don't know for sure about that.

But this quick test without the vagaries of ssh and keys and
permissions involved will sort of work towards your goal from the
other end -- getting PHP to execute *something* in the shell, and
knowing that that something is so damn simple that it HAS to work. :-)

If the Apache user *HAS* to have a valid shell to use exec() then
you're kinda stuck with User www, or some other user like 'www-run'
which I sometimes see...  Possibly because for the same reasons that
you have a 'www' user already and don't want to use that for
httpd.conf User.

You may also want to use things like /usr/bin/ls and
/usr/local/bin/ssh or whatever they are on your box.  Better to use a
full path and be sure you are not subject to the whims of the shell
and some $PATH environment variable that root might change out from
under you some day by messing with /etc/passwd in a security audit.

 What's my option ?

Short version:

Make sure PHP can do something useful with exec() like ls
Make sure PHP can *read* the keys it needs to get into srvB
Use full path to ssh and use -i /home/www/.ssh so PHP knows it's
supposed to get the keys from there.

 Though why you have a '[EMAIL PROTECTED]' user and then have '[EMAIL PROTECTED]'
 running Apache/PHP is beyond my ken...

 Sorry for the confusion.

'Sokay.

Just wondering WHY you have a user named 'www' if it's NOT to run
Apache...

It's pretty common to have a user 'www' (or similar) running Apache
just so you can keep the web stuff out of the hands of nobody (IE,
everybody) and have a username everybody recognizes as the user that
runs Apache

But then I've seen those boxes where it's 'www-run' or 'apache' or
other more interesting usernames running Apache/PHP, so it's not
really written in stone.

 It's usually the PRIVATE key belonging to '[EMAIL PROTECTED]' that you would
 have sitting in the .ssh directory for '[EMAIL PROTECTED]' and then the PUBLIC
 half would be sitting in '[EMAIL PROTECTED]' .ssh directory.

 Yes, I did that. I logged in as user www in svrA and executed
 ssh-keygen -t rsa. I then copied id_rsa.pub to svrB and called it
 /home/www/.ssh/authorized_keys. As noted, user www are system users in
 svrA and svrB.

 I'd be real worried about the script that only 'root' can run...
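
An added example (not part of the thread): PHP's exec() hands the command line to /bin/sh and captures only stdout, so a bare status such as 255 arrives without the message that explains it. The sketch below covers the "Short version" checklist and the status question together: the shell returns 127 for a command it cannot find and 126 for one it cannot execute, while ssh exits 255 when ssh itself hits an error. Function names and the paths passed in are assumptions.

```sh
# Added example: checks for the web server user on svrA before calling ssh
# from PHP. The paths passed in are assumptions for your own box.

# Verify the ssh binary is named by absolute path and is an executable file,
# and that the -i argument is a readable regular file (ssh's -i option takes
# an identity file, not a directory). Prints one line per problem and returns
# the number of problems found.
preflight() {
    pf_ssh="$1"; pf_key="$2"; pf_problems=0
    case "$pf_ssh" in
        /*) pf_abs=1 ;;
        *)  pf_abs=0 ;;
    esac
    if [ "$pf_abs" -eq 0 ]; then
        echo "ssh path is not absolute: $pf_ssh"
        pf_problems=$((pf_problems + 1))
    elif [ ! -f "$pf_ssh" ] || [ ! -x "$pf_ssh" ]; then
        echo "not an executable file: $pf_ssh"
        pf_problems=$((pf_problems + 1))
    fi
    if [ -d "$pf_key" ]; then
        echo "-i needs a key file, got a directory: $pf_key"
        pf_problems=$((pf_problems + 1))
    elif [ ! -f "$pf_key" ]; then
        echo "key file not found or not reachable: $pf_key"
        pf_problems=$((pf_problems + 1))
    elif [ ! -r "$pf_key" ]; then
        echo "key file not readable by uid $(id -u): $pf_key"
        pf_problems=$((pf_problems + 1))
    fi
    return "$pf_problems"
}

# Run a command line the way exec() does (through sh -c), but merge stderr
# into the captured text so the reason for a failure is visible.
# Sets RUN_OUTPUT and returns the command's exit status.
run_like_exec() {
    RUN_OUTPUT=$(sh -c "$1" 2>&1)
}

# Translate the statuses that matter when the command is ssh.
explain_status() {
    case "$1" in
        0)   echo "success" ;;
        126) echo "shell found the command but could not execute it" ;;
        127) echo "shell could not find the command" ;;
        255) echo "ssh reported an error, or the remote command exited 255" ;;
        *)   echo "exit status of the remote command" ;;
    esac
}
```

In PHP the same capture comes from appending ` 2>&1` to the command string passed to exec(), after which $output holds ssh's own error text.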

Re: [PHP] Re: run remote shell script

2005-08-18 Thread Roger Thomas
Thanks for your great explanation. I really appreciate that. I will try out 
the things that you have outlined and will be back if I land into trouble :)

--
Roger


Re: [PHP] Re: run remote shell script

2005-08-18 Thread Matthew Weier O'Phinney
First off, Roger, Thomas, not sure which is your given name -- please
use a mail or news agent that will wrap your lines with linebreaks at 72
characters. Some of us are on text-based clients, and it's difficult to
read your posts when they extend beyond the screen boundaries... ;-)

* Roger Thomas [EMAIL PROTECTED] :
 OK. I am able to setup remote key authentication between svrA and
 svrB. From svrA I can login to svrB with something like
 [EMAIL PROTECTED] www]$ ssh [EMAIL PROTECTED]

 and I can also execute a shell script like
 [EMAIL PROTECTED] www]$ ssh [EMAIL PROTECTED] /tmp/test.sh

 On svrA I have a PHP script like so:
 ?
 system('ssh [EMAIL PROTECTED] /tmp/test.sh someDIR');
 ?

 /tmp/test.sh on svrB is only a one liner like so:
 mkdir /tmp/$1

 I ran the script from the browser but the /tmp/someDIR is not created :(
 Could it be that user nobody on svrA is *not* allowed to connect to
 svrB because the public key belongs to user www ? How do I rectify
 this ?

 In the actual situation, I need to execute a shell script in svrB
 (from browser served by Apache on svrA) that only root can run. Please
 advise. I am getting very worried.

Okay, I should have been a little more explicit. 

There are two ways I've done this. The initial details are different,
but the final call is pretty much the same. 

1. Using sudo
   'sudo' allows users to run commands as different users. In this case,
   we want the user running the web server (usually www, apache, or
   nobody) to run ssh, or a script that executes the ssh command, as a
   normal user. I usually opt for the latter, and create a script such
   as:

   #!/bin/bash
   exec ssh [EMAIL PROTECTED] /path/to/remote/script

   and save it in /usr/local/bin. Then, edit sudoers (usually executing
   'visudo' as root), and add a line like

   nobody ALL = (username) NOPASSWD: /usr/local/bin/SCRIPTNAME

   What this does is to allow the user 'nobody' (or whomever runs the
   web server process) to execute /usr/local/bin/SCRIPTNAME as
   'username', and they do not need to enter a password to do so
   (normally with sudo you do).

   You'll need to restart the webserver after granting the sudo
   privileges.

   In this scenario, the normal user, specified by 'username' above,
   needs to have the SSH keys setup between the servers.

2. Give the web user a home directory
   The other option is to setup a home directory for the web user. This
   will mean editing the /etc/passwd file to give the web user both a
   home directory and a shell; these are the last two items in the colon
   delimited list. A sample entry might look like:

   nobody:x:65534:65534:nobody:/var/www:/bin/bash
   
   Once you've done this, restart the web server. At this point, you'll
   then need to become the web user briefly in order to:

  * generate an SSH key
  * send the key to the remote server

   Then, on the remote server, add the SSH key to the appropriate user
   on that system.

Good luck!

 Quoting Matthew Weier O'Phinney [EMAIL PROTECTED] :

  * Roger Thomas [EMAIL PROTECTED] :
   My PHP script is in svrA. How do I run a shell script in svrB?
   svrB does not have PHP and Apache :(
   Is this at all possible? Please advise.
  
  Use ssh. You will have to setup remote key authentication from svrA to
  svrB (so that a password will not be needed), and then in your script
  you would call:
  
  system('ssh svrB /path/to/scriptToRun');

-- 
Matthew Weier O'Phinney
Zend Certified Engineer
http://weierophinney.net/matthew/
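
An added example (not part of the thread): a NOPASSWD rule like the one in option 1 is only as tight as the write permissions on the script it names, because anyone who can replace that script runs their own code as 'username'. The check below audits the script and its directory; the function names are assumptions, and the expected owner defaults to root (uid 0).

```sh
# Added example: audit the script named in a NOPASSWD sudoers rule.
# Paths and the expected owner are assumptions; the default owner is root.

# Succeeds when $1 is owned by uid $2 and is not writable by group or others.
# Parses `ls -ldn`: field 1 is the mode string, field 3 the numeric uid.
check_owner_mode() {
    com_path="$1"; com_uid="$2"
    com_info=$(ls -ldn "$com_path" 2>/dev/null) || {
        echo "cannot stat: $com_path"; return 1; }
    com_mode=$(printf '%s\n' "$com_info" | awk 'NR==1 {print $1}')
    com_owner=$(printf '%s\n' "$com_info" | awk 'NR==1 {print $3}')
    if [ "$com_owner" != "$com_uid" ]; then
        echo "owner uid $com_owner, expected $com_uid: $com_path"
        return 1
    fi
    case "$com_mode" in
        ?????w*)    echo "group-writable: $com_path"; return 1 ;;
    esac
    case "$com_mode" in
        ????????w*) echo "world-writable: $com_path"; return 1 ;;
    esac
    return 0
}

# Audit a sudo target: it must be an absolute path to a regular file (not a
# symlink), and both the file and its directory must pass check_owner_mode.
# $2 is the expected owner uid (default 0).
audit_sudo_target() {
    ast_target="$1"; ast_uid="${2:-0}"
    case "$ast_target" in
        /*) ;;
        *) echo "not an absolute path: $ast_target"; return 1 ;;
    esac
    if [ -L "$ast_target" ] || [ ! -f "$ast_target" ]; then
        echo "not a regular file: $ast_target"
        return 1
    fi
    check_owner_mode "$ast_target" "$ast_uid" || return 1
    check_owner_mode "$(dirname "$ast_target")" "$ast_uid" || return 1
    return 0
}
```

Run it against the path used in the sudoers line, and check the rule's syntax with `visudo -c` after editing.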




Re: [PHP] Re: run remote shell script

2005-08-18 Thread Roger Thomas
Thanks Matthew. You and Richard have been very helpful. I should be able to 
carry on. Thank you again.

--
Roger




[PHP] Re: run remote shell script

2005-08-17 Thread Matthew Weier O'Phinney
* Roger Thomas [EMAIL PROTECTED]:
 My PHP script is in svrA. How do I run a shell script in svrB?
 svrB does not have PHP and Apache :(
 Is this at all possible? Please advise.

Use ssh. You will have to setup remote key authentication from svrA to
svrB (so that a password will not be needed), and then in your script
you would call:

system('ssh svrB /path/to/scriptToRun');

-- 
Matthew Weier O'Phinney
Zend Certified Engineer
http://weierophinney.net/matthew/




Re: [PHP] Re: run remote shell script

2005-08-17 Thread Roger Thomas
OK. I am able to setup remote key authentication between svrA and svrB. From 
svrA I can login to svrB with something like
[EMAIL PROTECTED] www]$ ssh [EMAIL PROTECTED]

and I can also execute a shell script like
[EMAIL PROTECTED] www]$ ssh [EMAIL PROTECTED] /tmp/test.sh

On svrA I have a PHP script like so:
?
system('ssh [EMAIL PROTECTED] /tmp/test.sh someDIR');
?

/tmp/test.sh on svrB is only a one liner like so:
mkdir /tmp/$1

I ran the script from the browser but the /tmp/someDIR is not created :(
Could it be that user nobody on svrA is *not* allowed to connect to svrB 
because the public key belongs to user www ? How do I rectify this ?

In the actual situation, I need to execute a shell script in svrB (from browser 
served by Apache on svrA) that only root can run. Please advise. I am getting 
very worried.

--
Roger


