Executing a command remotely (rexec)

Posted on 2000-02-15
Medium Priority
Last Modified: 2013-12-06
I would like to execute a command remotely via rexec (or some other native service, but preferably rexec).  I can run a command remotely as follows:
rexec <hostname> -l testid -n ll
At this point I'm prompted for my passwd
I'd like to include the pw in the command line.  How can I do this?  Is there a way to incript the password?
Thanks for the help.
Question by:jeffarnold
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 3
  • +1
LVL 21

Expert Comment

ID: 2524149
You could create a .rhosts file (in your home directory on the remote system) with the nodename of the system you are initiating the command from in it, so you aren't prompted for a password.

The other way is to use "expect" to provide the input to the rexec command when it asks for the password.

LVL 40

Expert Comment

ID: 2524378
Dunno what system you are using, but some implementations of rexec will accept a command like:

rexec -l username -p password host command

Check the manpages for your rexec command to find out if yours has this feature.

Expert Comment

ID: 2524434
I can`t remember exact specifics right now but if you email me tommorrow I can get it for you.
you can use either rsh or rexec
both allow for pre entry of passwords in special files. as above comment.
one is .rhosts and the other is hosts.equiv and I have used both on a system at my work.
There is something special about setting the file permissions of one of the above files to 400 so that your password is not readable by anybody else
for the remote system.
let me know what system you are using.
I have set up on IRIX and AIX
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

LVL 21

Expert Comment

ID: 2524511
wgre: .rhosts & hosts.equiv don't contain passwords, just hostnames (and users on those hosts, in hosts.equiv) who are "trusted" by the remote system.

I suspect you're thinking of .netrc, which CAN contain a password as part of an ftp "script" - the system ignores .netrc if it's publicly readable to "force" you to keep it secure :)

Author Comment

ID: 2524551
tfewster (or anyone):  A little clarification please.
I imagine the .rhosts file looks like:
hostname     userid
This file must be created in the home directory?  I assume that means you must login from the remote system as userid (as defined above).  Could you clarify the syntax of the command as well.
rexec <hostname> -l userid -n command
If I use this command line, I shouldn't need to supply the password.  Correct?  Lastly, could you also provide an example using "expect".  Is that a command line parameter?
Thanks again.
LVL 40

Expert Comment

ID: 2524579
If you want to use a .rhosts on the remote system, it needs to have the exact hostname (as perceived by the remote) and may optionally include a username. The way to be certain of having the correct hostname is to telnet or rlogin to the remote and do a "who" and put the hostname in the .rhosts. If your username is the same on both the local and remote system you don't need anything else. If not, you can but the local username on the same line as the host name, e.g. "local-system-name local-username"

Author Comment

ID: 2524668
Please read my entire comment above (as well as this one) before responding.  I'm working on an HP-UX system.  I have an existing .rhosts file in the user directory (we'll call it testid).  It's configured as followed:
tohost     testid
fromhost   testid
(where fromhost is the host I'm connecting from and tohost is the box where the .rhosts file is located.  testid exists on both servers.)
When I try to execute a command remotely as follows:
rexec tohost -l testid -n ls
(-l indicates login id, -n indicates command.  The man pages provide no further information.  Hence why I've written the question.)
I'm prompted for a password.  So, obviously password authentication is not being bypassed as described above.  The question is why?  I'm sure because I haven't configured something properly.  Please provide a "clear", very descriptive example of how I may accomplish this.  Also, if possible please provide a second example using the "expect" parameter described above.
Thanks for everyone's input.
LVL 21

Expert Comment

ID: 2524812
OK, as you've seen from the man pages, HP-UX's rexec won't allow you to give a password as part of the command (for security, no doubt). It is possible that using the -l testid option bypasses looking for the .rhosts file - Try the command without the userid

..rhosts is in the right place; Try removing the " testid" from the end of the line in .rhosts in case it's being interpreted as part of the trusted hostname - I seem to recall the format should be "trusted_hostname +trusted_user" IF a user is specified

I can't check the format at the moment, but man hosts.equiv explains it (fully, if not clearly)

Check that /etc/hosts.equiv on tohost does not bar the local system (which would override your .rhosts file)

- Assuming /etc/hosts.equiv is empty or at least does not bar fromhost or testid;
- .rhosts in testid's home directory on tohost contains just "fromhost";
- Logged in as testid on fromhosts, do rexec tohost -n ls; If this fails, try remsh tohost ls (or even remsh tohost on it's own) [remexec is a more secure subset of remsh].

"expect" is a scripting language, which I'm sure you'd rather not get into if it can be avoided, but I'll check the source & syntax anyway.

If these tips don't work, I'll come over and give you a hand...

LVL 40

Expert Comment

ID: 2524836
Okay, the .rhosts file is located in testid's home directory on the remote (tohost) and it contains the correct (as seen by tohost) hostname of the local machine (fromhost). If I got that right you've not made any errors in setting it up. It could be that the remote system has been set up to explicitly disallow .rhosts files. This is not uncommon and it's typically done for security purposes.

So now we need to use expect. The following script should be very close:

#!/path-to-installed/expect --

spawn rexec $argv
expect "ssword"
send "a-password\r"

Make it executable and you can issue commands like "script host -n cmd".

LVL 21

Expert Comment

ID: 2525094
If you can't "bypass" the security and want to go with expect:

tcl/tk tool kit (including expect): Usually /opt/tk* under HP-UX

If you don't already have expect:
http://dev.scriptics.com/ (sources, binaries, inc. port to HP-UX , apps & more!)

http://www.oreilly.com/catalog/expect/chapter/ch03.html (guide, but jlevie's script is perfect for this problem)

I suggest you protect the script with chmod 700 to prevent anyone else reading the password  =8-O

Regards, Tim
LVL 21

Accepted Solution

tfewster earned 300 total points
ID: 2526812
man remsh (On a HP-UX 10.20 system) says:

The rexec command, a link to remsh, works the same as remsh except that it uses the rexec() library routine and rexecd for command       execution (see rexec(3N) and rexecd(1M)).  rexec prompts for a password before executing the command instead of using hosts.equiv for     authentication.  It should be used in instances where a password to a remote account is known but there are insufficient permissions for remsh.

Apologies for misleading you on the format on .rhosts - it was OK all along; tho' it never hurts to check :-)

So you just need to use remsh instead of rexec: The syntax is the same, and I believe it meets your original requirements, as you are working at shell level (i.e. not writing programs)


Author Comment

ID: 2535242
Thanks for the input.  I may have more questions later...

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses
Course of the Month8 days, 21 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question