Re: Osascript and ssh
Re: Osascript and ssh
- Subject: Re: Osascript and ssh
- From: Axel Luttgens <email@hidden>
- Date: Thu, 29 Apr 2004 11:15:44 +0200
Nigel Smith wrote:
On 28/4/04 15:43, "Axel Luttgens" <email@hidden> wrote:
[...]
[...]
ssh will be invoked from a shell script. The account invoking the shell
script will be the "nobody" account. The script will be similar to:
ssh nigel@127.0.0.1 "osascript -e 'do stuff'"
I think I will need a way of including the password,
For that very precise question, the only way I can think of is to use
expect, that comes bundled since 10.3.
Of course, this would require the password to be stored somewhere in clear.
Hmm... perhaps not a big matter, as you anyway seem to want passwordless
ssh connections.
But as I don't know (or understand) the whole context, I really feel too
uncomfortable here...
So, just to be sure, you would have on your local machine a shell script
running as user nobody and needing to run on a remote machine a command
as user nigel? How gets that script launched?
Sorry for being so dumb...
since the "nobody"
account has limited privileges and won't be able to use a pre-generated RSA
key from the "nigel" account
Just a guess.
Does your calling script really need to run as nobody?
Couldn't you create an ad hoc user with just enough privileges (say: no
shell, disabled password, unique uid and gid, and perhaps a bare
read-only home directory for storing keys)?
And anyway, this would avoid to somehow escalate nobody's privileges.
(or can it?).
Well, this would somehow go against the concept of under-privileged
user, wouldn't it? ;-)
Axel
_______________________________________________
applescript-users mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/applescript-users
Do not post admin requests to the list. They will be ignored.