[OT] ssh login script - Please Help
Mike Burger
mburger at bubbanfriends.org
Thu May 7 19:25:21 UTC 2009
> Mike Burger wrote:
>> Mikkel wrote:
>>> Or don't log in at all. Use scp to copy the file, and then ssh where
>>> it is set to run a command when you connect. (Use the
>>> comand="comand" format for the key.) One thing I am not sure of is
>>> if you can use the same key for scp when using the command= option.
>>
>> Well, is part of the openssh suite, and does/will use the same key as
>> the
>> ssh executable.
>>
>> I use keys to scp and ssh to run commands all the time, without having
>> to
>> pass passwords along, in order to automate processes, all the time.
>>
> I do the same. But I have never tried to use the private key that
> was tied to a command on the other machine with scp, so I do not
> know if scp will work with a key that is only allowed to run one
> program on the remote machine. (You can not "login" in using that
> key.) What I was thinking of was:
>
> scp file to remote machine
> ssh to remote machine witch triggers a command on the remote machine.
>
> From the sshd man page:
>
> command="command"
> Specifies that the command is executed whenever this key is
> used for authentication. The command supplied by the user
> (if any) is ignored. The command is run on a pty if the
> client requests a pty; otherwise it is run without a tty.
> If an 8-bit clean channel is required, one must not request
> a pty or should specify no-pty. A quote may be included in
> the command by quoting it with a backslash. This option might
> be useful to restrict certain public keys to perform just a
> specific operation. An example might be a key that permits
> remote backups but nothing else. Note that the client may
> specify TCP and/or X11 forwarding unless they are explicitly
> prohibited. The command originally supplied by the client is
> available in the SSH_ORIGINAL_COMMAND environment variable.
> Note that this option applies to shell, command or subsystem
> execution.
Ok...I see where you're going.
Well, he could just continue to go with the methodology he's currently
employing...use scp to copy the file over, then use ssh to run a command
(that command could be a script that runs a number of things, obviously)
or multiple commands (multiple ssh calls).
--
Mike Burger
http://www.bubbanfriends.org
Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org
To be notified of updates to the web site, visit:
https://www.bubbanfriends.org/mailman/listinfo/site-update
or send a blank email message to:
site-update-subscribe at bubbanfriends.org
More information about the fedora-list
mailing list