[mdlug] Remote SSH commands

Mark Stanislav mark.stanislav at gmail.com
Wed Jan 12 09:08:38 EST 2011 

If you (or anyone else) is looking for a more elegant way to administrate systems through a structured framework with a publisher/subscriber model, take a look at Marionette-Collective (mCollective) http://www.puppetlabs.com/mcollective/introduction/

-Mark

On Jan 12, 2011, at 9:02 AM, Ingles, Raymond wrote:

> For running a fixed set of commands, you might consider the program I
> wrote, "Ostiary". It is designed to securely run only a specific set of
> commands, and can be configured to run them as any particular user. (On
> my machines, one of those commands is 'enable ssh login', of course.)
> 
> The gory details here: http://ingles.homeunix.net/software/ost/
> 
> Sincerely,
> 
> Ray Ingles                                            (313) 227-2317
> 
> "Lately I've been getting the impression that overzealous censorship
>   [...] is an adult manifestation of fear of cooties." - anonymous
> 
>> 
> The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it.
> 
>> From: mdlug-bounces at mdlug.org [mailto:mdlug-bounces at mdlug.org] On
> Behalf Of
>> Michael ORourke
>> Sent: Tuesday, January 11, 2011 11:53 PM
>> To: MDLUG's main mailing list
>> Subject: [mdlug] Remote SSH commands
>> 
>> Lug Nuts,
>> 
>> Anyone out there using the "forced-commands-only" option under
> OpenSSH?
>> 
>> From what I have read, it sounds like it's a pain to administer
> because it
>> is based on key-pairs.  I'm just curious if other admins are using
> that
>> option and restricting remote root logins.  It's extremely handy to
> run
>> commands from a central server as root, but breaks if you set
>> "PermitRootLogin no" in the sshd_config.
>> 
>> -Mike
>> 
>> 
>> _______________________________________________
>> mdlug mailing list
>> mdlug at mdlug.org
>> http://mdlug.org/mailman/listinfo/mdlug
> 
> 
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug

More information about the mdlug mailing list