02-16-2017
Quote:
Originally Posted by
RudiC
From the sshd man page rg. the authorized_keys file format:
so your first test command may not supply that variable.
I'm a bit insecure reg. your use of "host" and "client" which I think should be reversed...?
Oops, I might a little bit messed up with "host" and "client". Actually, I want to do a remote shutdown test from my "host" to shut down "all clients", and that's why I messed it up. I'll use your words below.
As you said, my first test command may not supply that variable. Do you mean client1 may not support the variable SSH_ORIGINAL_COMMAND?
Is this because of the ssh version too old? Is there any workaround?
Thanks.
9 More Discussions You Might Find Interesting
1. Solaris
I am currently setting up rdiff-backup to use ssh to connect and remotely backup and retrieve data. I am doing so by creating rsa keys for each server and copying the relevant key to the /.ssh folder on the relevant server.
All seems to work well when severs running solaris 8 with ssh 3.6.1 are... (6 Replies)
Discussion started by: falklandtim
6 Replies
2. Shell Programming and Scripting
Please tell me what is wrong in the following shell script.
#!/bin/sh
DATE1=`date -d "yesterday" +"%Y-%m-%d"`
ssh ftwplapp01 << EOF
echo "Date is :" $DATE1 > /tmp/testfile
cd /app/was6/AppServer/logs/prod_ebp_live/ebp
tar cvf /app/was6/AppServer/logs/prod_ebp_live_applogs_$DATE1.tar `find... (1 Reply)
Discussion started by: tsryn
1 Replies
3. Shell Programming and Scripting
Hello all,
I would like to declare and use variables inside an ssh session. I have the feeling that it's not possible. Here is the situtation simpified:
#:/bin/sh
test="salut"
echo $test
ssh hudson@10.41.21.99 <<EOF
export testssh="salut"
echo testssh=$testssh
... (4 Replies)
Discussion started by: Lotfus
4 Replies
4. Solaris
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Discussion started by: aixlover
1 Replies
5. Cybersecurity
Hello Gurus,
I am trying to set up bidirectional password-less login between a linux and a Solaris. The way I am doing is very simple, which is creating pub/priv key pairs on each host and add the pub key to each other's authorized_keys file:
ssh-keygen -t rsa (I tried dsa, and it didn't work... (4 Replies)
Discussion started by: error_lee
4 Replies
6. UNIX for Dummies Questions & Answers
I could use a fresh pair of eyes to look at this, because it has me baffled. I am attempting to setup pasword-less ssh keys (rsa) between 2 systems. As the user (admin on both systems), I have generated the keys on both the Solaris 11 and the OSX systems and using the cat command, I have copied the... (3 Replies)
Discussion started by: SmokeyJoe
3 Replies
7. Shell Programming and Scripting
i have a script that should ssh to different host/server. See below:
./script.ksh var1 var2 var3
case $ser in
ser1)
depo='appr1'
set -A aprrA aprrB
ssh ser2 "/home/dir/script.ksh $1 $2 $3"
ssh ser3 "/home/dir/script.ksh $1 $2 $3"
ssh ser4... (4 Replies)
Discussion started by: erin00
4 Replies
8. Shell Programming and Scripting
alias n-001='ssh hst-net-001'
alias n-002='ssh hst-net-002'
alias n-003='ssh hst-net-003'
alias n-004='ssh hst-net-004'
alias p-001='ssh hst-proxy-001'
alias p-002='ssh hst-proxy-002'
alias p-003='ssh hst-proxy-003'
alias p-004='ssh hst-proxy-004'... (0 Replies)
Discussion started by: lohith.dutta
0 Replies
9. Shell Programming and Scripting
Hi Folks,
I'm currently trying to read several values into different variables.
Actually, what I'm doing works, but I get an error message.
My attempts are:
read strCPROC strIPROC strAPROC <<<$(ssh -n -T hscroot@$HMC "lshwres -r proc -m $strIDENT --level sys -F \"configurable_sys_proc_units... (11 Replies)
Discussion started by: NKaede
11 Replies
LEARN ABOUT SUNOS
ssh-keysign
ssh-keysign(1M) ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)