Re: Run only if it the request is originating from a specific machine

I'd look to restrict it within ssh, unix permissions, and sudo - not within the script itself.

One possibility: Create a new account on the local machine; make it the owner of the script; in its .ssh profile, allow connections only from the other server. Give the script owner-only permissions (700). Then from the remote host:

ssh oracle2@dbhost1 "/opt/oracle/runroot.pl"
[download]

Or maybe, create the new account as above; but make the script root-owned and 700; and via sudo, allow only the new account to run the script. Then, from the remote host:

ssh oracle2@dbhost1 "sudo /opt/oracle/runroot.pl"
[download]

Comment on Re: Run only if it the request is originating from a specific machine Select or Download Code

Replies are listed 'Best First'.
Re^2: Run only if it the request is originating from a specific machine by calsaint (Initiate) on Aug 26, 2011 at 16:44 UTC
I think we are going to end up doing this. he list of machines could be 100s so was trying to avoid creating a user... looks like there is no other way. planning to see if a simple program with a socket ofcourse client/server model will do...	[reply]
Re^3: Run only if it the request is originating from a specific machine by hbm (Hermit) on Aug 26, 2011 at 17:56 UTC
Your earlier descriptions sounded very much one-to-one. Now, I don't think I understand your problem at all...	[reply]
Re^4: Run only if it the request is originating from a specific machine by calsaint (Initiate) on Aug 29, 2011 at 20:59 UTC
I am talking about the possibility of creating a user in those many number of machines. it is still one-to-one but going to be implemented on a lot of machines... thats why trying to see if there is any possibility to not create userids.	[reply]