[OT] ssh login script - Please Help

Mikkel L. Ellertson mikkel at infinity-ltd.com
Thu May 7 18:44:48 UTC 2009 

Mike Burger wrote:
> Mikkel wrote:
>> Or don't log in at all. Use scp to copy the file, and then ssh where
>> it is set to run a command when you connect. (Use the
>> comand="comand" format for the key.) One thing I am not sure of is
>> if you can use the same key for scp when using the command= option.
> 
> Well, is part of the openssh suite, and does/will use the same key as the
> ssh executable.
> 
> I use keys to scp and ssh to run commands all the time, without having to
> pass passwords along, in order to automate processes, all the time.
> 
I do the same. But I have never tried to use the private key that
was tied to a command on the other machine with scp, so I do not
know if scp will work with a key that is only allowed to run one
program on the remote machine. (You can not "login" in using that
key.) What I was thinking of was:

scp file to remote machine
ssh to remote machine witch triggers a command on the remote machine.

From the sshd man page:

command="command"
       Specifies that the command is executed whenever this key is
       used for authentication. The command supplied by the user
       (if any) is ignored.  The command is run on a pty if the
       client requests a pty; otherwise it is run without a tty.
       If an 8-bit clean channel is required, one must not request
       a pty or should specify no-pty. A quote may be included in
       the command by quoting it with a backslash. This option might
       be useful to restrict certain public keys to perform just a
       specific operation. An example might be a key that permits
       remote backups but nothing else. Note that the client may
       specify TCP and/or X11 forwarding unless they are explicitly
       prohibited. The command originally supplied by the client is
       available in the SSH_ORIGINAL_COMMAND environment variable.
       Note that this option applies to shell, command or subsystem
       execution.

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20090507/dc6d2787/attachment-0001.sig>

More information about the fedora-list mailing list