The reason is you do not protect your variable by quoting it:
should do the trick. You might have to quote the variable inside the function too to preserve its contents. It is generally good style to quote as exactly as possible, even if it is not absolutely necessary.
[Moderator-mode on] Please notice that we do not have a shortage in thread slots here, so please open a new thread if you have a new question.
We are trying to build a knowledge base. That means, if some other user has the same problem like you ideally he should be able to find the solution without having to ask the question again, just by searching the forum.
Having several independent problems discussed in a single thread does not further this cause, because a user with your shell problem is likely not searching for a thread about ssh configuration.
Nobody will think bad about you if have several different problems and open several different threads, one for each of them. Quite contrary this is what we ask you to do.
Another point is forum specialization: you might notice that there are different parts of the forum, one for AIX and one for shell programming for instance. Sometimes it is difficult to decide where a thread should go, but in this case it would have been easy, but now we have a thread which deals with two (or three) different problems and each part would belong to a different part of the forum.
I hope you understand and i ask you follow these forum behavior standards more carefully in the future. Thank you.
[/Moderator Mode off]
Hi,
I am trying to scp a file from our Unix server to the local Windows machine.I have created the key pair in Unix server using ssh-keygen command in unix.
But I am not sure where can we put the public key(generated on Unix) in Windows machine so that scp from Unix machine to Windows is... (3 Replies)
I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key :
ssh-keygen -t rsa
Is there a similar command for the other servers as well.
If I try to use... (1 Reply)
I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key :
ssh-keygen -t rsa
Is there a similar command for the other servers as well.
If I try to use... (1 Reply)
Hi All;
I have an issue with password less authentication via ssh ( v2)
I have two servers Server A and Server B, following are the server details
Server A
OS - HP UX B.11.11 U 9000/800
SSH - OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.000, HP-UX... (3 Replies)
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Hi,
please guide me create a public/private key using ssh-keygen, lets say I have been access to server named pngpcdb1with a userid and password ...!!! and also please explain in detail the concept of these keys and ssh as I was planning to use them in ftp related scripts..! Thanks in... (1 Reply)
My password-free ssh connection has worked in the past but has stopped working and I can't get it going again.
The files in .ssh on both source and target are set to 600:
drwx------ 2 ingres 1024 Mar 2 13:57 .
drwxr-xr-x 25 ingres 2048 Mar 29 09:38 ..
-rw------- 1 ingres ... (9 Replies)
Hi i am using solaris 10.I am trying to setup a public/private key but it is not working.Appreciate your repsonse on it
There are two servers DB1 server and DB2 server.
1)I have generated public/private key using below step on both servers.
ssh-keygen -t rsa
2)From DB1 server moved the... (6 Replies)
Discussion started by: muraliinfy04
6 Replies
LEARN ABOUT OPENSOLARIS
ssh-keyscan
ssh-keyscan(1) User Commands ssh-keyscan(1)NAME
ssh-keyscan - gather public ssh host keys of a number of hosts
SYNOPSIS
ssh-keyscan [-v46] [-p port] [-T timeout] [-t type]
[-f file] [-] [host... | addrlist namelist] [...]
DESCRIPTION
ssh-keyscan is a utility for gathering the public ssh host keys of a number of hosts. It was designed to aid in building and verifying
ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable for use by shell and perl scripts. The output of ssh-keyscan is
directed to standard output.
ssh-keyscan uses non-blocking socket I/O to contact as many hosts as possible in parallel, so it is very efficient. The keys from a domain
of 1,000 hosts can be collected in tens of seconds, even when some of those hosts are down or do not run ssh. For scanning, one does not
need login access to the machines that are being scanned, nor does the scanning process involve any encryption.
File Format
Input format:
1.2.3.4,1.2.4.4
name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
Output format for rsa1 keys:
host-or-namelist bits exponent modulus
Output format for rsa and dsa keys, where keytype is either ssh-rsa or `ssh-dsa:
host-or-namelist keytype base64-encoded-key
OPTIONS
The following options are supported:
-f filename Read hosts or addrlist namelist pairs from this file, one per line. If you specity - instead of a filename,
ssh-keyscan reads hosts or addrlist namelist pairs from the standard input.
-p port Port to connect to on the remote host.
-T timeout Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a
host or since the last time anything was read from that host, the connection is closed and the host in question
is considered unavailable. The default is for timeout is 5 seconds.
-t type Specify the type of the key to fetch from the scanned hosts. The possible values for type are rsa1 for protocol
version 1 and rsa or dsa for protocol version 2. Specify multiple values by separating them with commas. The
default is rsa1.
-v Specify verbose mode. Print debugging messages about progress.
-4 Force to use IPv4 addresses only.
-6 Forces to use IPv6 addresses only.
SECURITY
If a ssh_known_hosts file is constructed using ssh-keyscan without verifying the keys, users are vulnerable to man-in-the-middle attacks.
If the security model allows such a risk, ssh-keyscan can help in the detection of tampered keyfiles or man-in-the-middle attacks which
have begun after the ssh_known_hosts file was created.
EXAMPLES
Example 1 Printing the rsa1 Host Key
The following example prints the rsa1 host key for machine hostname:
$ ssh-keyscan hostname
Example 2 Finding All Hosts
The following commands finds all hosts from the file ssh_hosts which have new or different keys from those in the sorted file
ssh_known_hosts:
$ ssh-keyscan -t rsa,dsa -f ssh_hosts |
sort -u - ssh_known_hosts | diff ssh_known_hosts -
FILES
/etc/ssh_known_hosts
EXIT STATUS
The following exit values are returned:
0 No usage errors. ssh-keyscan might or might not have succeeded or failed to scan one, more or all of the given hosts.
1 Usage error.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO ssh(1), sshd(1M), attributes(5)AUTHORS
David Mazieres wrote the initial version, and Wayne Davison added suppport for protocol version 2.
BUGS
ssh--keyscan generates
Connection closed by remote host
messages on the consoles of all machines it scans if the server is older than version 2.9. This is because ssh-keyscan opens a connection
to the ssh port, reads the public key, and drops the connection as soon as it gets the key.
SunOS 5.11 24 Jul 2004 ssh-keyscan(1)