[OT] ssh login script - Please Help

Mike Burger mburger at bubbanfriends.org
Thu May 7 19:25:21 UTC 2009 

> Mike Burger wrote:
>> Mikkel wrote:
>>> Or don't log in at all. Use scp to copy the file, and then ssh where
>>> it is set to run a command when you connect. (Use the
>>> comand="comand" format for the key.) One thing I am not sure of is
>>> if you can use the same key for scp when using the command= option.
>>
>> Well, is part of the openssh suite, and does/will use the same key as
>> the
>> ssh executable.
>>
>> I use keys to scp and ssh to run commands all the time, without having
>> to
>> pass passwords along, in order to automate processes, all the time.
>>
> I do the same. But I have never tried to use the private key that
> was tied to a command on the other machine with scp, so I do not
> know if scp will work with a key that is only allowed to run one
> program on the remote machine. (You can not "login" in using that
> key.) What I was thinking of was:
>
> scp file to remote machine
> ssh to remote machine witch triggers a command on the remote machine.
>
> From the sshd man page:
>
> command="command"
>        Specifies that the command is executed whenever this key is
>        used for authentication. The command supplied by the user
>        (if any) is ignored.  The command is run on a pty if the
>        client requests a pty; otherwise it is run without a tty.
>        If an 8-bit clean channel is required, one must not request
>        a pty or should specify no-pty. A quote may be included in
>        the command by quoting it with a backslash. This option might
>        be useful to restrict certain public keys to perform just a
>        specific operation. An example might be a key that permits
>        remote backups but nothing else. Note that the client may
>        specify TCP and/or X11 forwarding unless they are explicitly
>        prohibited. The command originally supplied by the client is
>        available in the SSH_ORIGINAL_COMMAND environment variable.
>        Note that this option applies to shell, command or subsystem
>        execution.

Ok...I see where you're going.

Well, he could just continue to go with the methodology he's currently
employing...use scp to copy the file over, then use ssh to run a command
(that command could be a script that runs a number of things, obviously)
or multiple commands (multiple ssh calls).

-- 
Mike Burger
http://www.bubbanfriends.org

Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org

To be notified of updates to the web site, visit:

https://www.bubbanfriends.org/mailman/listinfo/site-update

or send a blank email message to:

site-update-subscribe at bubbanfriends.org

More information about the fedora-list mailing list