Executing a command remotely (rexec)

I would like to execute a command remotely via rexec (or some other native service, but preferably rexec).  I can run a command remotely as follows:
rexec <hostname> -l testid -n ll
At this point I'm prompted for my passwd
I'd like to include the pw in the command line.  How can I do this?  Is there a way to incript the password?
Thanks for the help.
Who is Participating?
tfewsterConnect With a Mentor Commented:
man remsh (On a HP-UX 10.20 system) says:

The rexec command, a link to remsh, works the same as remsh except that it uses the rexec() library routine and rexecd for command       execution (see rexec(3N) and rexecd(1M)).  rexec prompts for a password before executing the command instead of using hosts.equiv for     authentication.  It should be used in instances where a password to a remote account is known but there are insufficient permissions for remsh.

Apologies for misleading you on the format on .rhosts - it was OK all along; tho' it never hurts to check :-)

So you just need to use remsh instead of rexec: The syntax is the same, and I believe it meets your original requirements, as you are working at shell level (i.e. not writing programs)

You could create a .rhosts file (in your home directory on the remote system) with the nodename of the system you are initiating the command from in it, so you aren't prompted for a password.

The other way is to use "expect" to provide the input to the rexec command when it asks for the password.

Dunno what system you are using, but some implementations of rexec will accept a command like:

rexec -l username -p password host command

Check the manpages for your rexec command to find out if yours has this feature.
[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

I can`t remember exact specifics right now but if you email me tommorrow I can get it for you.
you can use either rsh or rexec
both allow for pre entry of passwords in special files. as above comment.
one is .rhosts and the other is hosts.equiv and I have used both on a system at my work.
There is something special about setting the file permissions of one of the above files to 400 so that your password is not readable by anybody else
for the remote system.
let me know what system you are using.
I have set up on IRIX and AIX
wgre: .rhosts & hosts.equiv don't contain passwords, just hostnames (and users on those hosts, in hosts.equiv) who are "trusted" by the remote system.

I suspect you're thinking of .netrc, which CAN contain a password as part of an ftp "script" - the system ignores .netrc if it's publicly readable to "force" you to keep it secure :)
jeffarnoldAuthor Commented:
tfewster (or anyone):  A little clarification please.
I imagine the .rhosts file looks like:
hostname     userid
This file must be created in the home directory?  I assume that means you must login from the remote system as userid (as defined above).  Could you clarify the syntax of the command as well.
rexec <hostname> -l userid -n command
If I use this command line, I shouldn't need to supply the password.  Correct?  Lastly, could you also provide an example using "expect".  Is that a command line parameter?
Thanks again.
If you want to use a .rhosts on the remote system, it needs to have the exact hostname (as perceived by the remote) and may optionally include a username. The way to be certain of having the correct hostname is to telnet or rlogin to the remote and do a "who" and put the hostname in the .rhosts. If your username is the same on both the local and remote system you don't need anything else. If not, you can but the local username on the same line as the host name, e.g. "local-system-name local-username"
jeffarnoldAuthor Commented:
Please read my entire comment above (as well as this one) before responding.  I'm working on an HP-UX system.  I have an existing .rhosts file in the user directory (we'll call it testid).  It's configured as followed:
tohost     testid
fromhost   testid
(where fromhost is the host I'm connecting from and tohost is the box where the .rhosts file is located.  testid exists on both servers.)
When I try to execute a command remotely as follows:
rexec tohost -l testid -n ls
(-l indicates login id, -n indicates command.  The man pages provide no further information.  Hence why I've written the question.)
I'm prompted for a password.  So, obviously password authentication is not being bypassed as described above.  The question is why?  I'm sure because I haven't configured something properly.  Please provide a "clear", very descriptive example of how I may accomplish this.  Also, if possible please provide a second example using the "expect" parameter described above.
Thanks for everyone's input.
OK, as you've seen from the man pages, HP-UX's rexec won't allow you to give a password as part of the command (for security, no doubt). It is possible that using the -l testid option bypasses looking for the .rhosts file - Try the command without the userid

..rhosts is in the right place; Try removing the " testid" from the end of the line in .rhosts in case it's being interpreted as part of the trusted hostname - I seem to recall the format should be "trusted_hostname +trusted_user" IF a user is specified

I can't check the format at the moment, but man hosts.equiv explains it (fully, if not clearly)

Check that /etc/hosts.equiv on tohost does not bar the local system (which would override your .rhosts file)

- Assuming /etc/hosts.equiv is empty or at least does not bar fromhost or testid;
- .rhosts in testid's home directory on tohost contains just "fromhost";
- Logged in as testid on fromhosts, do rexec tohost -n ls; If this fails, try remsh tohost ls (or even remsh tohost on it's own) [remexec is a more secure subset of remsh].

"expect" is a scripting language, which I'm sure you'd rather not get into if it can be avoided, but I'll check the source & syntax anyway.

If these tips don't work, I'll come over and give you a hand...

Okay, the .rhosts file is located in testid's home directory on the remote (tohost) and it contains the correct (as seen by tohost) hostname of the local machine (fromhost). If I got that right you've not made any errors in setting it up. It could be that the remote system has been set up to explicitly disallow .rhosts files. This is not uncommon and it's typically done for security purposes.

So now we need to use expect. The following script should be very close:

#!/path-to-installed/expect --

spawn rexec $argv
expect "ssword"
send "a-password\r"

Make it executable and you can issue commands like "script host -n cmd".

If you can't "bypass" the security and want to go with expect:

tcl/tk tool kit (including expect): Usually /opt/tk* under HP-UX

If you don't already have expect:
http://dev.scriptics.com/ (sources, binaries, inc. port to HP-UX , apps & more!)

http://www.oreilly.com/catalog/expect/chapter/ch03.html (guide, but jlevie's script is perfect for this problem)

I suggest you protect the script with chmod 700 to prevent anyone else reading the password  =8-O

Regards, Tim
jeffarnoldAuthor Commented:
Thanks for the input.  I may have more questions later...
All Courses

From novice to tech pro — start learning today.