[mdlug] Remote SSH commands
Mark Montague
markmont at umich.edu
Wed Jan 12 01:20:56 EST 2011
On January 12, 2011 0:41 , Aaron Kulkis <akulkis00 at gmail.com> wrote:
> you set up a sudo command from a normal user that runs a script (for
> example, the script might be called "wrapper", which takes a pathname
> as an argument, and runs the script located at that pathname. [...]
> In fact, your script on the server can be as simple as
> [note: pseudocode, not complete!]
>
> SCRIPT=/path/to/place/script
> for CLIENT in list of clients here
> do
> rcp /location/of/script ${CLIENT}:${SCRIPT}
> ssh ${USER}@${CLIENT} sudo wrapper ${SCRIPT}
> done
rcp is horribly insecure [*] (rsh - and its siblings rlogin and rcp --
are much worse than ftp, which isn't really good to use either). Since
you have ssh on the system, and have already set up a public/private
keypair for ${USER}, use scp to distribute the files instead:
scp /location/of/script ${USER}@${CLIENT}:${SCRIPT}
[*] See http://www.google.com/search?q=rsh+security+issues
--
Mark Montague
mark at catseye.org
More information about the mdlug
mailing list