Re: perl & ssh

in reply to perl & ssh

I could be wrong, but trying to login to a machine without passwords is usually considered cracking and is usually illegal.

Edit:I did not completely comprehend what the question was asking. Please ignore my remark. I will never again attempt to respond to without a morning cup of coffee.

"The social dynamics of the net are a direct consequence of the fact that nobody has yet developed a Remote Strangulation Protocol." -- Larry Wall

Comment on Re: perl & ssh

Replies are listed 'Best First'.
Re: Re: perl & ssh by vaevictus (Pilgrim) on Aug 16, 2001 at 17:51 UTC
What the heck are you smoking. He's not trying to bypass any security measures to enter a system he doesn't have access to. Entering a machine without a password is not considered cracking. For example. Every webpage hit is accessing files on a remote system, usually without a password. Obviously, all this person wants to do is connect to one of his own boxes with ssh (which requires some form of authentication). To do this autonomously requires that you not have to do local authentication to your public key. SSH can do public key authentication, which is both more secure than password authentication, and also provides for an additional layer of authentication at the local level. To connect to a box with ssh && public key authentication, usually you password your public key so that only you can use that file to connect. Unfortunately for standard automation, most public keys have to have null passwords. Any web server, for example, that runs SSL usually has this local layer of passwords omitted from it's configuration so that the server can start on its own, rather than requiring you to manually enter the password each time you want to bring the server up. To monitor disk usage and processor information without providing it to the entire world, you have very little option other than to use ssh, public key authentication, and a public key with a null passphrase. As was said before, use ssh-keygen and don't specify a passphrase.	[reply]

Replies are listed 'Best First'.

Re: Re: perl & ssh
by vaevictus (Pilgrim) on Aug 16, 2001 at 17:51 UTC

Obviously, all this person wants to do is connect to one of his own boxes with ssh (which requires some form of authentication). To do this autonomously requires that you not have to do local authentication to your public key.

SSH can do public key authentication, which is both more secure than password authentication, and also provides for an additional layer of authentication at the local level. To connect to a box with ssh && public key authentication, usually you password your public key so that only you can use that file to connect.
Unfortunately for standard automation, most public keys have to have null passwords. Any web server, for example, that runs SSL usually has this local layer of passwords omitted from it's configuration so that the server can start on its own, rather than requiring you to manually enter the password each time you want to bring the server up. To monitor disk usage and processor information without providing it to the entire world, you have very little option other than to use ssh, public key authentication, and a public key with a null passphrase. As was said before, use ssh-keygen and don't specify a passphrase.

[reply]

In Section Seekers of Perl Wisdom