[Bio-Linux] SSH Question
Kerr Wall
pkerrwall at psu.edu
Tue Feb 25 12:02:41 EST 2003
On 2/25/03 11:23 AM, "Dr Dan Swan" <dswan at ceh.ac.uk> wrote:
> On Tue, 2003-02-25 at 15:46, Kerr Wall wrote:
>
> Hi Kerr,
>
>> I have a question concerning ssh. I have received a request from the
>> programmer at Cornell who is responsible for getting FGP tracefiles from our
>> server in an automated fashion to switch from the openSSH server that came
>> with the clone to the comercial version at ssh.com. He has stated that the
>> script he has written to automatically login to our server doesn't work with
>> openSSH and that it only works with the version from ssh.com.
>>
>> Would you guys recommend this (ie, would this cause any dependency problems
>> or are there any security concerns that I don't know about)? If so, what is
>> the best way to uninstall openSSH and then install SSH (I'm guessing that
>> using the rpm command will accomplish this)? If not, do you have any
>> suggestions for him to get a working perl script to automatically login with
>> openSSH?
>
> So he wants you to change the OpenSSH daemon on your clone because he's
> using a commercial version of the ssh client? That's a bit unfair ;)
>
> Its perfectly possible to install the commercial version of the ssh
> daemon on the clone, although you will not be able to do it using an rpm
> as it supplied as a source tarball. There's no licencing issue as its
> free for academics. I would suggest however that your colleague
> downloads the client/base rpms from www.openssh.org and installs those
> on his machine. I am suprised though, I have not had any
> interoperability issues with open/commercial ssh :
Thanks, I've forwarded all replies and he has agreed to install openSSH.
> Are you sure you're both using ssh protocol version 2? They should play
> fair together unless there's a protocol mismatch.
We are both using version 2.
> If he really isn't prepared to do make the switch then I can send you a
> blow by blow account on installing the ssh.com version of sshd and
> replacing OpenSSH. But I'm not going to recommend it as the best
> solution!
>
> If he has written the script to log into your clone.. how edoes he know
> it works with the commercial ssh daemon anyway? Just curious! Any
> chance we can get a peek at the script (with usernames and passwords
> removed of course!).
Here is the response from Dan (at Cornell):
************************************************************************
I just use key based authentication with a blank passphrase. The syntax
for login then looks like:
ssh -l username -i path_to_identification_file ip_address
If you're logging in from a user login on your local machine that is the
same as the username on the remote machine, you can oming the -l and -i
parameters since by default it uses your current username and it look
for the ~/.ssh2/identification file.
For further info on setting up key based authentication take a look at
the ssh man file.
In scripts I use it to do lots of things such as running commands
remotely. For example, to open a file handle in perl that feeds in a
list of all the zip files in the directory (so I get a listing of all
the plates) I was doing this:
open PS_FILES, "ssh -l transfer -i /home/dci1/.ssh2/identification
128.118.180.140 'ls *.zip' |";
I keep the identification file with the private key in my home dir, but
it could be anywhere as long as you tell it how to get to it.
************************************************************************
Thanks,
Kerr
More information about the Bio-linux-list
mailing list