Hello,
i rather new to writing scripts in UNIX so i thought this would be a good start.
I need to write a script that can login to different hosts in a standalone network. That means there are no connection to Internet etc. I need to collect some data on the hosts, and they have different usernames and passwords to access the information. This is what i have been trying:
rsh -l username host_xxx
that works fine, i get a password question and im in.
When i try to:
rsh -l username host_xxx /bla/blabla/mything
i doesnt work because it wants my password before executing mything i guess.
Is there a way to give it the password right away?
I read some about ssh, but that is hardly an option for me here, it is a pain getting approval to put something new on the hosts.
Ok,
so if i understand you correctly i need to edit the .hosts file on all hosts including the server im accessing them from?
Is there any way its possible without changing the hosts file. It is hard to get permission to do changes in files on the system im working on.
Or is it another way of accessing remote hosts that might do the trick?
Read the man pages, the file doesnt exist by default and depending of flavours, will only work if correct permissions are set to file.
.rhosts is to be found in the user's home directory generally set rwx------
I have acess to the .hosts file and can change it, but im not allowed to do that kind of changes on the system becasue of security reasons, (not on the actual system). This is going to be moved and used in a sequre environment and there is a big process to change permissons/files and so on.
Is there a way to write a script that changes users when you actually are on the correct host? For example
Now i do: su - xxx
password: xxx
can i put that in a script or is that impossible. Trying to get arround using .hosts and Expect
If so i can use rsh to log in and execute the script with the permissions i have. Then i can have the script change permissions and run the things i need and have it sent back to me?
Feels like a long shot i now, but im running out of ideas
not .hosts but .rhosts file
Once set properly it will allow you to do a rlogin to a host with -l user without passwd...
Now if you what to connect to remote host using your own account ( with .rhosts you will not be asked passwd...) then trying to su - <user> without passwd, that calls for sudo installation and configuration ( adding in sudoers file...)
A .rhosts file should be created in the home directory of the target user on the target computer. The .rhosts file should have permissions 600 and be owned by that user or root. There are security implications.
See "man 4 .rhosts".
The simplest form of a line in a .rhosts file is just:
computername username
"computername" must match the exact name of the source computer if looked up on the target computer through hosts or dns.
"username" is the name of the user from the source computer. That account does not have to exist on the target computer.
Once the .netrc is working both "rsh" (or more usually "remsh") and "rlogin" will not need a password. It is usually quicker to test with "rlogin".
Footnote:
An "rsh" (or more usually "remsh") without any commands becomes an "rlogin" command. This is why you got prompted for the password. See the man pages.
When i do rsh i give it two commands:
rsh <host> setenv $myPath; $mySecCommand >> <filename>
that works perfect when i set the .rhosts file on the target host. But when i dont set the .rhosts file it gives me an error message, but it seems like it can do the setenv anyway and i get what i want, without the correct permissions? Is this a "hole" in the sequrity. Because doing it this way i actually dont need the .rhosts file. I get what i want even if it complains.
Please post real commands and a description of what you expect to happen and proof of what actually happened.
The command posted runs two separate commands on the local computer, one of which is a "rsh". The semi-colon is actioned locally, as is the ">> <filename>".
After the semi-colon is executed locally.
The "rsh" is itself a local command but the parameters (in this case up to the semi-colon) are executed on the remote machine as shell commands.
If we escape the semi-colon the second command gets executed on the remote computer too. The log file still gets created on the local computer.
To me personally this is all academic. For anything beyond the simplest command line I would put the commands into a script on the remote machine and execute the script with:
rsh <host> -n "scriptname <parameter>"
The script itself would contain a shebang line and anything needed to set up a suitable environment to run the process.
A quick way to check which computer a command is executed on:
rsh remote_machine -n "uname -n";uname -n
rsh remote_machine -n "uname -n"\;"uname -n"
