[mdlug] Remote SSH commands
John Wiersba
jrw32982 at yahoo.com
Wed Jan 12 10:32:36 EST 2011
> SCRIPT=/path/to/place/script
> for CLIENT in list of clients here
> do
> rcp /location/of/script ${CLIENT}:${SCRIPT}
> ssh ${USER}@${CLIENT} sudo wrapper ${SCRIPT}
> done
If that's all you're doing, then it's not very secure. The purpose of forced
commands is to allow a particular login (typically via keypair) to run only a
limited set of commands. If you're going to open it up to run any commands at
all, then you're circumventing that protection. At the very least, in your
case, you should try to limit the commands to a particular directory.
More information about the mdlug
mailing list