Simon Wong <[EMAIL PROTECTED]> writes: > So I now have it working using a combination of SSH keys (I have a > problem with it not working in .ssh/config but works if you specify the > keyname on the command line with the -i option?!) and setting up the > MySQL username/password in ~/.my.cnf as recommended by Michael > Chesterton.
I think bash launches ssh and | mysql at the same time, so you could put the password in the local ~/.my.cnf and not put it in the remote (I got that back to front in my first post). Or use ssh keys and not put the password in any ~/.my.cnf They recommend disabling ssh passwords and using keys, anyway. That way to log in you need to have something and know something (the key and the passphrase). Also, if you're using ssh passwords and the remote host you're ssh-ing to is compromised, they can sniff the password and potentially use that to log in to other hosts. If you have a passphrase-less key, they also recommend locking it down to a specific command in authorized_keys. Or if you love entering passwords, you could have a passphrase on the key, ssh-add the key, run the command, then remove the key from the ssh-agent. -- Michael Chesterton http://chesterton.id.au/blog -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
