bgi has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

im looking for a way to use GRID::Machine with Authentication! So i use Net::SSH2 and GRID::Machine, but i have no idea how to combine the functions :[

Cant i make something like a tunnel with Net::SSH2 and let the GRID::Machine connect through it???

Regards from Germany

Replies are listed 'Best First'.
Re: GRID::Machine with authentication
by Corion (Patriarch) on Jun 20, 2008 at 12:47 UTC

    GRID::Machine seems to use ssh and passwordless keys already, so I'm not sure where your problem is, exactly. Maybe you can explain a bit more verbose what problem you are trying to solve.

[reply]
Re: GRID::Machine with authentication
by bgi (Sexton) on Jun 20, 2008 at 13:22 UTC
    Hi,

    the problem is that i need to ask user and password because many people should use the script and it is not wished due to security reasons that there is a automatic authentication...sucks, but its a rule :[

    the final goal is to use a SSH connection to a server, from there a second SSH connection to an other server and from there via telnet to a switch...each hop with authentication Oo

    im already working so fucking long on this, and thats the last step :DD

    Regards
[reply]

      I still don't see the problem. This is most likely because you haven't described the whole situation. I think a current solution would still be to give everybody their own, passwordless key and make them use their personal key when they launch the script.

      I don't see why your construct of multiple SSH/telnet hops is necessary, but it can easily be eliminated by launching netcat as the remote shell to do the direct ssh tunneling.

[reply]
[d/l]
Re: GRID::Machine with authentication
by Anonymous Monk on Jun 21, 2008 at 18:51 UTC
    Hello bgi,

    Automatic authentication is safer that password authentication if you use a passphrase for the identity file and is the preferred method by experienced admins. To have automatic authentication and passphrase working toghether you must:

    1. Generate the pair private-public key with passphrase and
    2. use ssh-agent and ssh-add. Once you have authenticated against the "agent" all the connections will go without any additional passphrase typing.
    Also, hide all the connection parameters inside a section of your ~/.ssh/config file. Something like this: 
    ...

Host rbeo
user otheruser
Hostname localhost
Port 2048
IdentityFile /home/pp2/.ssh/ursu

...

    [download]

    This is the recommended way when working with GRID::Machine (rather than giving a lot of parameters in the call to the constructor)

    Hope it helps

    Casiano

[reply]
[d/l]
[select]
Re: GRID::Machine with authentication
by bgi (Sexton) on Jun 23, 2008 at 07:48 UTC
    Hi,

    is it possible to use it with password authentication? the script is fpr my company and it is not possible to do it with the key authentication...i have to give a solution with username and password...

    Regards
[reply]
      Yes, you can. But then you have to type the password each time you create a new connection ...

[reply]

Back to Seekers of Perl Wisdom