Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Hi, I am on a linux server. i want to run a script which is on Solaris machine. I am using ssh command. With the below command, it is asking me for a password. i want to supply password to the command itself and also it is complaining that no such file or directory..Please help ssh udeuser@STINGER "/data/projects/marketsurv/RunMSRegression"
  • Comment on Help in running ssh command on a remote machine

Replies are listed 'Best First'.
Re: Help in running ssh command on a remote machine
by doc_faustroll (Scribe) on Mar 27, 2008 at 23:34 UTC

    what he said. It's as simple as 

    ssh-keygen -t dsa

    [download]
    then copy the key to the appropriate file on remote server

    man ssh-keygen is your friend. the above command generates: 

    
$HOME/.ssh/id_dsa.pub
Contains the protocol version 2 DSA public key for authentication.  Th
+e contents of this file should be added to $HOME/.ssh/authorized_keys
+ on all machines where the user wishes to log in using public key aut
+hentication.  There is no need to keep the contents of this file secr
+et.

    [download]
    though the man page says authorized_keys my experience says authorized_keys2. Use protocol 2, as you will be when you use dsa. preferable
[reply]
[d/l]
[select]
Re: Help in running ssh command on a remote machine
by moklevat (Priest) on Mar 27, 2008 at 21:32 UTC
    You can't supply a password as an argument to ssh. For passwordless ssh you need to set up keys. This look like a reasonably good guide to doing this (but there may be better ones).
[reply]
Re: Help in running ssh command on a remote machine
by hesco (Deacon) on Mar 28, 2008 at 05:34 UTC
    Creating shared keys across servers can be handy for rsync'ing your data from a cron job, logging in or running scripts across a ssh connection without answering a password prompt and otherwise automating work. It also introduces a security issue. Anyone with access to the first server will automatically have access to the other server by simply inspecting the ~/.ssh/ directory and the .bash_history file.

    Consider whether it makes sense to ask root to provide you with an application specific user which will only run those scripts you need to automate from a remote server. Privilege separation is key, build in security as you go. Don't trust iptables to keep out the bad guy. Consider how to contain the bad guys if they crack your firewall. Retrofitting security as an after-thought provides its dangers, that you will forget the need later, that you will postpone working out the secure way to get the job done because for the moment, well, at least you are getting the job done.

    I tend to create an application specific database user for nearly every script or application I create. I create application specific system users for many applications I write. Don't make it easy on a cracker. Frustrate them at every turn. Don't let one insecure application on your network lead to the compromise of your databases, applications and systems. And especially don't make it easy to root your server by sharing keys across servers for a user which gets expansive and unnecessary sudo privileges.

    And with those caveats, the advise above about ssh-keygen are responsive to your specific question.

    -- Hugh

    if( $lal && $lol ) { $life++; }
[reply]
      Thanks for the replies. Here is what i tried. I ran the below command on linux. ssh-keygen -t dsa and given the file name 'id_dsa_stinger' at the prompt it has created 2 files. id_dsa_stinger.pub and id_dsa_stinger. i created a new file 'authentication_keys2' and copied id_dsa_stinger.pub to authentication_keys2. How do i move the file 'authentication_keys2' to the solaris machine? Please help.
[reply]
[reply]

Back to Seekers of Perl Wisdom