SSH question

Bennett, Daniel daniel.bennett@jnli.com
Tue, 18 Jul 2000 17:14:41 -0400


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01BFF0FC.791B15CA
Content-Type: text/plain;
	charset="iso-8859-1"

	Because of the way ssh works, you pretty much need a password in one
form or another.. The two most common ways of doing it are:

1. using it's keyring based security with no password on the keyring.. 
or 
2. putting the password in a script and tightening file permissions.  

	1 is bad 'cause people will be able to wantonly ssh from your
machine to the remote machine if they get root on your box.. 2 is bad 'cause
people will be able to view the script to find the password and then
wantonly ssh from your machine to the remote machine if they get root on
your box.
	I normally choose 1 and try like hell to avoid root compromises
(then again, don't we all).


-----Original Message-----
From: Mark Szidik - MLC [mailto:szidikm@mlc.lib.mi.us]
Sent: Tuesday, July 18, 2000 5:00 PM
To: linux-user@egr.msu.edu
Subject: SSH question



How do you SECURELY incorporate an SSH activity into a script & cron
job?

I want to automate backups to a central host using SSH, but cant figure
out how I can do this safely without needing passwords.

Thanks,


______________________________________________________________________
Mark Szidik
System Administrator           Ph: 517.694.4242 x17  Fax: 517.694.9303 
Michigan Library Consortium    http://www.mlc.lib.mi.us

_______________________________________________
linux-user mailing list
linux-user@egr.msu.edu
http://www.egr.msu.edu/mailman/listinfo/linux-user

------_=_NextPart_001_01BFF0FC.791B15CA
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">



RE: SSH question



        Because of = the way ssh works, you pretty much need a password in one form or = another.. The two most common ways of doing it are:

1. using it's keyring based security with no password = on the keyring..
or
2. putting the password in a script and tightening = file permissions. 

        1 is bad = 'cause people will be able to wantonly ssh from your machine to the = remote machine if they get root on your box.. 2 is bad 'cause people = will be able to view the script to find the password and then wantonly = ssh from your machine to the remote machine if they get root on your = box.

        I normally = choose 1 and try like hell to avoid root compromises (then again, don't = we all).


-----Original Message-----
From: Mark Szidik - MLC [mailto:szidikm@mlc.lib.mi.us]<= /FONT>
Sent: Tuesday, July 18, 2000 5:00 PM
To: linux-user@egr.msu.edu
Subject: SSH question



How do you SECURELY incorporate an SSH activity into = a script & cron
job?

I want to automate backups to a central host using = SSH, but cant figure
out how I can do this safely without needing = passwords.

Thanks,


_______________________________________________________________= _______
Mark Szidik
System = Administrator          = ; Ph: 517.694.4242 x17  Fax: 517.694.9303
Michigan Library Consortium    http://www.mlc.lib.mi.us

_______________________________________________
linux-user mailing list
linux-user@egr.msu.edu
http://www.egr.msu.edu/mailman/listinfo/linux-user=

------_=_NextPart_001_01BFF0FC.791B15CA--