Re: Securely scripting a remote machine (was Re: VB or c++ call in script)
Re: Securely scripting a remote machine (was Re: VB or c++ call in script)
- Subject: Re: Securely scripting a remote machine (was Re: VB or c++ call in script)
- From: Johnny AppleScript <email@hidden>
- Date: Mon, 20 Sep 2004 08:46:12 -0600
On 04/09/20 3:27 AM, "Sander Tekelenburg" <email@hidden> wrote:
> In practice the user experience is just like that of Keychain. You log in to
> places without needing to type a passphrase.
>[...]
> This set-up is useful already simply for not having to remember each and
> every passphrases of each and every account on each and every remote machine.
> But it's also ideal for situations where you want a script to do something on
> a remote machine:
>
> do shell script "ssh [username]@[IP];[commands]"
I feel pretty foolish for not having actually read the man fully on ssh, but
instead listened to a *NIX "expert" when I had described the problem and
said I wanted to log in in such a manner. He said there was no workaround
for what I wanted.
To be fair, however, the above described ease is exactly what I need to
avoid; I'm going to have to find a middle ground where I still have to use a
password of some kind on each execution, or at least possess one, due to the
way our labs and clients have access over the LAN/WAN; I (nor others) do not
always have the luxury of sitting at the same machine, and I cannot just
grant blanket, no-password trust to every machine. I imagine my situation
must have been anticipated, and I just need to better understand the use of
keys, how to grant, and how to revoke them as required. The brief look I
had at the expect module seemed like there was some provisions there for
that, but I have not had time to confirm yet.
For reference, part of what we encounter is teaching people to work on and
with Mac OS X computers, often their own laptops that they either bring in,
or any machine they have logged in from remote location with. Too often they
have problems and it is necessary (often just to keep the class moving) to
go to their machine and fix (or hit with a hammer) the problem; often it
would be really quick and simple to be able to quickly log in without
leaving my desk and do what I know needs to be done remotely, and sometimes
AS can be a real help with that, too.
I'm not sure how convenient or appropriate the ssh key authentication model
will be to that somewhat transient environment, but I still hope to find a
solution buried within it and other new clues
Thanks to everyone again, and, you, Sander for the nifty utility tip and
example.
JA (drooling at the prospects now open to him -- and who needs ARD, anyway?)
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Applescript-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden