06-20-2011
IMHO, best way, is to use SSH with keys. Pretty much all *ix has ssh nowadays. However if you have some really, really, really old hosts or some kind of *ix based appliance without ssh, you might be able to fall back to using rsh (not restricted shell but the remote shell, it's called remsh if done from HP-UX) and using .rhosts controls (which are insecure, so you may have to put an option on service start to fix that) to avoid having to use a password.
For ssh with keys, generate your local key (the platform making the calls) and append the public key portion into the remote user's ~/.ssh/authorized_keys (or sometimes it's authorized_keys2) file. Then you should be able to ssh (get a shell) from the local host to the remote host at the remote user without a password... you can run scripts and communicate back and forth through that as well.
---------- Post updated at 03:04 PM ---------- Previous update was at 03:04 PM ----------
For the sudo side, look at the NOPASSWD option for commands that can be run.
10 More Discussions You Might Find Interesting
1. OS X (Apple)
Hi again,
I spoke with Keyspan and they assured me the USB to Serial device was working if I could use the Screen tool.
I asked why I was unable to redirect stdin/stdout to and from the /dev/tty. device and was told there was no reason I shouldn't be able to do so.
I have tried:
... (1 Reply)
Discussion started by: cpfogarty
1 Replies
2. Shell Programming and Scripting
By a shell script When I am logging into hosts one by one with ssh.
I am getting below message.
Pseudo-terminal will not be allocated because stdin is not a terminal.
stty: : Invalid argument
stty: : Invalid argument
Can you please suggest what should I do to stop this?
... (10 Replies)
Discussion started by: KuldeepSinghTCS
10 Replies
3. OS X (Apple)
If I open two bash shells and telnet from Shell 2 to a remote server (on the Net), is there a way to direct input from Shell 1 to the telnet shell?
The telnet shell is a limited environment with a specific command set.
I want to direct commands from Shell 1 and, if possible, put 1-second... (2 Replies)
Discussion started by: xinUoG
2 Replies
4. Shell Programming and Scripting
Hi all:
This is an open question.
Which way/framework/sfw do you use to communicate/signals scripts running stand alone (on the same and different machines).
For example sometimes I use witness files to "trigger" that other script star/stop work and another one do a task of a job.
Of course;... (0 Replies)
Discussion started by: rbadillarx
0 Replies
5. Shell Programming and Scripting
Hello,
i have a demon 'c' program that have a dynamic table of logic registers ( 2000 variables ).
exemple of registers:
I1.34.5
M23.4.1
I want from shell acess to this table of registers.
How can i do this?
with something like for read I1.34.5:
#cat... (3 Replies)
Discussion started by: rzyz
3 Replies
6. AIX
hi all
just installed the netsec.options.tcpwrapper from expansion pack, which used to be a rpm, for my aix 6.1 test box.
it is so unpredictable. i set up the hosts.deny as suggested for all and allow the sshd for specific ip addresses/hostnames.
the tcpdchk says the hosts allowed and... (0 Replies)
Discussion started by: wf201626
0 Replies
7. Linux
Hello. In some script, I saw:
filename=${1:-/etc/hosts}
if && ; then
md5sum $filename
else
echo “$filename can not be processed”
fi
# Show the file if possible
ls -ld $filename 2>/dev/null
What does the first line means? In $filename I still got /etc/hosts. (2 Replies)
Discussion started by: lozicd3
2 Replies
8. Shell Programming and Scripting
I have about 500 hosts where I need to ssh by sending the password on the command line or in a text file in a clear text . However I am not able to download "sshpass" or other tools .
Any other ways to pass the password in a script ? (3 Replies)
Discussion started by: gubbu
3 Replies
9. Shell Programming and Scripting
Hi There,
I have a file contaning some 100 servers names one by one the file called redhat_servers.txt
I want to prepare a script where it should give me the host name and kernal version.
I wrote like this,
#!/bin/bash
while read line
do
ssh $line "uname -nr"
done <... (3 Replies)
Discussion started by: kumar85shiv
3 Replies
10. Solaris
Am trying to copy a tar file onto a series of remote hosts and untar it at the destination. Need to do this without having to do multiple ssh.
Actions to perform within a single ssh session via shell script
- copy a file
- untar at destination (remote host)
OS : Linux RHEL6 (3 Replies)
Discussion started by: sankasu
3 Replies
LEARN ABOUT SUNOS
ssh-keysign
ssh-keysign(1M) ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)