lynn said the following on 04/30/2013 06:36 AM:
I'm going to need ssh to avoid a mess like this in future so I'll use the fact that I'll be physically visiting each client to get ssh going.
So: are you telling us that ssh was *NOT* installed *by* *default* on each machine to start with?
As we have Kerberos, maybe there's something I can organise with that instead of the ssh rsa. We have the machine key in the keytab by default so maybe I could just kinit -k without a password. That's how we're authenticating cifs at the moment. Just thinking out loud.
Maybe; its been a while but I used kerberos as a remote admin/remote login base for a cluster of AIX machines with ... heck, it had a lot of "S"s in it's name, way back in the last century. So it can be done. But in a *default* installation, ssh is installed and enabled and as I said "ssh-copy-id" lets you copy tou key across without needing to be physically present. Lets do another take: if you have *ANY* remote login capability, telnet even, then you can use zypper to install ssh. Having used kerberos, vnc and ssh, I'd go with ssh every time. That is mostly because of its flexibility. Buy (or beg or borrow) the O'Reilly book and you'll find some of the fantastic things you can do. For example, when OOTO I have on my laptop a script that sets up a ssh channel so that when I fire up my local copy of thunderbird I don't have to reconfigure it; it reads the mail on my mail server "as if it were local" and uses my smtp server. So I don't have to play games with new settings and authorization. You might call this a VPN but it avoids many of the traditional problems of a VPN. Ssh supports scripting very nicely and isn't that what you're trying for here? As for executing a remote command without a password ... well we ssh users do that all the time :-) -- The major advances in civilization are processes that all but wreck the societies in which they occur. - A.N. Whitehead -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org