12-17-2009
The openSSH standard actually "forbids" reading a password from a file in an interactive shell script. If the script runs without a controlling terminal in the process tree, it will allow it.
10 More Discussions You Might Find Interesting
1. Windows & DOS: Issues & Discussions
Hello all,
I have a bit of trouble working a passwordless SSH from UNIX to Cygwin running windows 2k3. Here are some details. I AM able to SSH from the Windows box to the UNIX box using the keys. Also, I'm able to SSH from UNIX to Windows w/o the keys. However, when I try to do it with the keys... (9 Replies)
Discussion started by: kclerks11
9 Replies
2. UNIX for Dummies Questions & Answers
Hi everyone,
I have a quick/newb question:
I know that a public key is used to encrypt data and a private key is used to decrypt data but who keeps the public/private keys??
Does the Web Server hold both?
Does the Web Server have the public key and does the client have the private key? ... (3 Replies)
Discussion started by: tical00
3 Replies
3. UNIX for Dummies Questions & Answers
Hi,
please guide me create a public/private key using ssh-keygen, lets say I have been access to server named pngpcdb1with a userid and password ...!!! and also please explain in detail the concept of these keys and ssh as I was planning to use them in ftp related scripts..! Thanks in... (1 Reply)
Discussion started by: rahul125
1 Replies
4. Shell Programming and Scripting
Hi all,
I needed a shell script for file transfering using public/private keys for authentication.
Could you please help me out on this?
A procedure to write a shell script is enough.
Thanks in advance.
Regards.
Vidya N (8 Replies)
Discussion started by: Vidya N
8 Replies
5. Shell Programming and Scripting
Hi All,
I have a query....say on server A, I have generated the Private and Public keys and shared the public key with server B.
Now i can surelyconnect(without password) from server A to server B.....
but can i similarly connect from server B to server A as well
Regards (1 Reply)
Discussion started by: Arpit Narula
1 Replies
6. Shell Programming and Scripting
hi guys , i have few files i have to do sftp, the public and private key work like a magic , no problem at all
the syntax is as below
sftp -0 identityfile=~/ure/blsl/loc2/.ssh/id_rsa_ssh1 ssh1@remote >log_dir/file.timestamp<<end
lcd folder
cd folder
put *
quit
end
================
my... (3 Replies)
Discussion started by: rockymayavia
3 Replies
7. Solaris
Hi i am using solaris 10.I am trying to setup a public/private key but it is not working.Appreciate your repsonse on it
There are two servers DB1 server and DB2 server.
1)I have generated public/private key using below step on both servers.
ssh-keygen -t rsa
2)From DB1 server moved the... (6 Replies)
Discussion started by: muraliinfy04
6 Replies
8. UNIX for Dummies Questions & Answers
Hi,
What tool is used to generate public and private keys for SCP?
Do you have an example script that generates these keys, puts them in files and then another example script that references them from SCP?
Thanks, (9 Replies)
Discussion started by: Astrocloud
9 Replies
9. Shell Programming and Scripting
Hi All,
I have a requirement where i need to check if an rsa public key corresponds to a private key and hence return success or failure. Currently i am using the command
diff <( ssh-keygen -y -e -f "$PRIVKEY" ) <( ssh-keygen -y -e -f "$PUBLICKEY" )
and its solving my purpose. This is in... (1 Reply)
Discussion started by: mritusmoi
1 Replies
10. UNIX for Advanced & Expert Users
Hi,
we have private and public key, encrypt file using public and want to decrypt using private key. can you please advise below commands are correct or other remedy if unix have?
encrypt -a arcfour -k publickey.asc -i TESTFILE.csv -o TESTFILE00.csv
decrypt -a arcfour -k privatekey.asc... (2 Replies)
Discussion started by: rizwan.shaukat
2 Replies
LEARN ABOUT DEBIAN
molly-guard
MOLLY-GUARD(8) [FIXME: manual] MOLLY-GUARD(8)
NAME
molly-guard - guard against accidental shutdowns/reboots
SYNOPSIS
shutdown [-hV] [--molly-guard-do-nothing] [-- script_options]
halt [-hV] [--molly-guard-do-nothing] [-- script_options]
reboot [-hV] [--molly-guard-do-nothing] [-- script_options]
poweroff [-hV] [--molly-guard-do-nothing] [-- script_options]
DESCRIPTION
molly-guard attempts to prevent you from accidentally shutting down or rebooting machines. It does this by injecting a couple of checks
before the existing commands: halt, reboot, shutdown, and poweroff. This happens via scripts with the same names in /usr/sbin, so it only
works if you have /usr/sbin before /sbin in your PATH!
Before molly-guard invokes the real command, all scripts in /etc/molly-guard/run.d/ have to run and exit successfully; else, it aborts the
command. run-parts(1) is used to process the directory.
molly-guard passes any script_options to the scripts, and also populates the environment with the following variables:
o MOLLYGUARD_CMD - the actual command invoked by the user.
o MOLLYGUARD_DO_NOTHING - set to 1 if this is a demo-run.
o MOLLYGUARD_SETTINGS - the path to a shell script snippet which scripts can source to obtain settings.
molly-guard prints the contents of /etc/molly-guard/messages.d/COMMAND or /etc/molly-guard/messages.d/default to the console, if either
exists. This is due to /etc/molly-guard/run.d/10-print-message.
GUARDING SSH SESSIONS
molly-guard was primarily designed to shield SSH connections. This functionality (which should arguably be provided by the openssh-server
package) is implemented in /etc/molly-guard/run.d/30-query-hostname.
This script first tests whether the command is being executed from a tty which has been created by sshd. It also checks whether the
variable SSH_CONNECTION is defined. If any of these tests are successful, test script queries the user for the machine's hostname, which
should be sufficient to prevent the user from doing something by accident.
You can pass the --pretend-ssh script option to molly-guard to pretend that those tests succeeds. Alternatively, setting
ALWAYS_QUERY_HOSTNAME in /etc/molly-guard/rc causes the script to always query.
The following situations are still UNGUARDED. If you can think of ways to protect against those, please let me know!
o running sudo within screen or screen within sudo; sudo eats the SSH_CONNECTION variable, and screen creates a new pty.
o executing those command in a remote terminal window, that is a XTerm started on a remote machine but displaying on the local X server.
You have been warned. You can use the --molly-guard-do-nothing switch to prevent anything from happening, e.g. halt
--molly-guard-do-nothing.
OPTIONS
--molly-guard-do-nothing
Cause molly-guard to print the command which would be executed, after processing all scripts, instead of executing it.
-h, --help
Display usage information.
-V, --version
Display version information.
SEE ALSO
shutdown(8), halt(1), reboot(8), poweroff(8).
LEGALESE
molly-guard is copyright by martin f. krafft. Andrew Ruthven came up with the idea of using the scripts directory and submitted a patch,
which I modified a bit.
This manual page was written by martin f. krafft madduck@madduck.net.
Permission is granted to copy, distribute and/or modify this document under the terms of the Artistic License 2.0
COPYRIGHT
Copyright (C) 2008 martin f. krafft
[FIXME: source] Apr 19, 2008 MOLLY-GUARD(8)