http://qs1969.pair.com?node_id=290399


in reply to ssh session

I'm guessing that you want to write a script with Perl. Otherwise your question is off-topic. :)

I don't know how CISCO routers handle ssh sessions, but if you want to automate ssh connections, I think your best best is public key with empty passphrase. If a script can decrypt whatever password by whatever means, so can your perpetrator (once he gets your script). (Hmmm.... My answer is completely devoid of Perl content.)

Addendum With public key, you'll have to guard your private key to the best of your abilities.

Replies are listed 'Best First'.
Re: Re: ssh session
by bugsbunny (Scribe) on Sep 10, 2003 at 13:37 UTC
    it is not possible to use "empty-pass.." with cisco, 'cause it supports only ssh1 with DES encryption.. rather outdated.. And yes i want to do all this with Perl, 'cause there will be alot of parsing of the results :"), not only logon-execute-logout..
    hmm .. what about persistant connection (or at least 1-2 hour). I will need some sort of deamon for this isnt it ?!
      Maybe rather than using cron to have your program execute automatically at regular times (forcing you to store the access mechanism somewhere), you could make it running eternally after you supplied the right credentials manually during startup.

      Then maybe you would need a cron job to check whether the program is still running.

      It might have some job security implications as well, that you may or may not like (it's not always nice if you cannot be missed).

      Liz