Date: Wed, 27 Mar 2002 20:16:00 +0000 (GMT) From: Jim Durham <durham@w2xo.pgh.pa.us> To: Fernan Aguero <fernan@iib.unsam.edu.ar> Cc: FreeBSD Security <freebsd-security@FreeBSD.ORG> Subject: Re: using ssh to run remote commands? Message-ID: <Pine.BSF.4.21.0203272011290.21669-100000@w2xo.pgh.pa.us> In-Reply-To: <20020327152947.B443@iib.unsam.edu.ar>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 27 Mar 2002, Fernan Aguero wrote: > I'd like to know how to run remote commands using ssh. > I know I can do it as myself, but I'd like to know how can I set up my > systems to allow non-login users (root, operator, amanda) to run > remote commands on other hosts. > > Specifically, I want to now how can i run restore on the backup server > (the one holding the tape drive) to recover full filesystems to a > remote host. > Obviously this should be done as either root or some other privileged > user. > > All examples point to rsh, and I'd like to know if this can be done > securely using ssh. > You can do this pretty easily with 'expect'. You will need to have your private/public key set installed properly so you don't have to put a password in your script. At that point, just have expect spawn ssh and connect to the backup machine and execute the commands. All these kinds of things are frought with danger. At least, this way, the only thing that could really kill you is someone getting your private key. Putting a password in your script is even worse, though. You might also investigate rsync over ssh for backups. You could fire this off as a cron job from the backup. -Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0203272011290.21669-100000>