HPE Community
Operating System - HP-UX
1846764 Members
5062 Online
110256 Solutions
New Discussion

Shell question (rexec)

 
Sebastien Huber
Occasional Advisor

‎10-30-2001 08:26 AM

‎10-30-2001 08:26 AM

Shell question (rexec)

Hi, i would like in a shell to automate a remote execution by using rexec (not remsh!)
But did not find any solution to authenticate myself ; here is the tests i made :

srvA>rexec srvB -l logB pwd << !
`echo $pass`
!
-> then i'm asked for the password

srvA>echo $pass | rexec srvB -l logB pwd
-> idem

Any idea ?
-- Share what you know, learn what you don't
0 Kudos
Reply
10 REPLIES 10
Craig Rants
Honored Contributor

‎10-30-2001 08:30 AM

‎10-30-2001 08:30 AM

Re: Shell question (rexec)

Does svrb have a .rhosts entry for svra?

I would recommend installing Secure Shell and using that to perform trusted remote execution type commands.

Hope this helps.
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Uday_S_Ankolekar
Honored Contributor

‎10-30-2001 08:33 AM

‎10-30-2001 08:33 AM

Re: Shell question (rexec)

Hello,

.rhosts is the file that should take care of your problem

-USA..
Good Luck..
0 Kudos
Reply
Sebastien Huber
Occasional Advisor

‎10-30-2001 08:36 AM

‎10-30-2001 08:36 AM

Re: Shell question (rexec)

Thanks for this suggestion, but i've never tried to install secure shell, can u give me more information to do this ?
-- Share what you know, learn what you don't
0 Kudos
Reply
Darrell Allen
Honored Contributor

‎10-30-2001 08:36 AM

‎10-30-2001 08:36 AM

Re: Shell question (rexec)

From the man page of rexec:

The rexec command works the same as remsh except that it uses the rexec() library routine and rexecd for command execution (see rexec(3N) and rexecd(1M)) and does not support Kerberos authentication. rexec prompts for a password before executing the command instead of using hosts.equiv for authentication. It should be used in instances where a password to a remote account is known but there are insufficient permissions for remsh.

Think you'll have to use a password with rexec.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
0 Kudos
Reply
Sebastien Huber
Occasional Advisor

‎10-31-2001 06:20 AM

‎10-31-2001 06:20 AM

Re: Shell question (rexec)

Ok, i think i don't have given enough informations, here they are :
1) i want to perform a remote shell execution
2) i do not want to use a .rhosts file, users have to authenticate themselves
3) i do not want user to be able to show the password by using the ps command

Any idea ?
-- Share what you know, learn what you don't
0 Kudos
Reply
Craig Rants
Honored Contributor

‎10-31-2001 06:31 AM

‎10-31-2001 06:31 AM

Re: Shell question (rexec)

Have you looked at using expect? This newsgroup posting may help.

I'm using the following unix expect script to interact the Oracle
sqlplus utility. Sqlplus prompts for a password, expect sends the password,
then I 'interact'. Most of the time this works, but every once in a
while, the password shows on the screen, and expect just sits there
waiting for something, and doesn't make it to interact. If I put in a
'sleep 1', I don't have this problem, but am not sure why. Any
pointers? I'd like to (1) avoid the delay if possible, and (2) insure
that the password never shows even with the 'sleep', but without knowing
what's happening, I'm not confident that 'sleep 1' will always work.


#!/usr/local/bin/expect --
set usern "testuser"
set passw [exec aprogramtogetpassword $usern]
set timeout -1
eval spawn sqlplus $usern
log_user 0
expect "Enter password: "
# why do I need the following sleep?:
sleep 1
send "$passw\r"
log_user 1
expect {
"Enter user-name: " exit
"Connected"
}
interact
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Craig Rants
Honored Contributor

‎10-31-2001 06:47 AM

‎10-31-2001 06:47 AM

Re: Shell question (rexec)

Huber,
The easiest way to install ssh is to get the depots from the hpux porting site.

http://hpux.connect.org.uk/

get openssh, openssl, and zlib

Either make them a depot, or install seperately with openssh being the last install because of dependencies. I'll attach my notes for installation and setting up a trust based on keys

Of course hostnames and domains have been changed to protect the guilty
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
0 Kudos
Reply
Joseph A Benaiah_1
Regular Advisor

‎11-11-2001 10:01 AM

‎11-11-2001 10:01 AM

Re: Shell question (rexec)

Huber,

Sorry that I did not see you request earlier. With HP-UX, you can write a C program to carry out rexec commands without having to enter the password.

Compile it using the HP bundles C compiler by typing cc remex.c -o remex.

For use:

remex myhost "/sbin/ioscan -ufnCdisk" -q

It is quite secure as the way that I encode the password into it means that srunning a strings on the binary will not revel the password.
0 Kudos
Reply
Joseph A Benaiah_1
Regular Advisor

‎11-11-2001 10:07 AM

‎11-11-2001 10:07 AM

Re: Shell question (rexec)

Huber,

I seem to have problems attaching the source code in the forum area.

Lets try again.
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎11-11-2001 12:34 PM

‎11-11-2001 12:34 PM

Re: Shell question (rexec)

Huber,

This thread, although covering telnet, covers the same. You need expect, tcl, and tk:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,11866,0x54e2c6af36b7d5118ff10090279cd0f9,00.html

live free or die
harry
Live Free or Die
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.