rp15
asked on
running scripts remotely
Hello,
I am try to run a job from one unix box and have it run on another without manually typing in any information? That way I can submit a job in the scheduler and it will connect and excute the script on an other unix box.
I am try to run a job from one unix box and have it run on another without manually typing in any information? That way I can submit a job in the scheduler and it will connect and excute the script on an other unix box.
using rsh and put into cron.
crontab -u username -e
crontab -u username -e
ASKER
I believe using crontab means that you are setting up a certain time when these jobs are going to be run. I have never actually used so please let me know if that is a correct statement. If it is then in my case that would not help me. To give you an example of how me scheduler works. I will kick off the schedule manually to begin with and then jobs will run once the jobs they are dependent on have finished. Also I need to be able to send a password since my passwords are different on each machine.
ASKER
The OS want to send the command from is AIX version 4. The operating system for the the unix box I want to run the script on is SMP_DC_OSx. One of my problems that I am encountering is that I can not send my password over to the second machine. Which is important since my passwords are different. Also, is there a way to send a password by using the .rhost file?
rsh is not suggested for reasons of security. You might look at ssh (secure shell) instead.
Actually just about any method of doing this is going to be considered insecure. Is the script a changing one or will the jobs on the receiving system always be the same? Did you just need a way to signal those machines to run their scripts?
Gandalf Parker
Actually just about any method of doing this is going to be considered insecure. Is the script a changing one or will the jobs on the receiving system always be the same? Did you just need a way to signal those machines to run their scripts?
Gandalf Parker
You need not give passwords in you ~/.rhosts file.
For eg. If you have an username "usr1" in a machine1 and
"usr2" on machine2.
In the file /home/usr1/.rhosts (Assuming this is your home directory)
of the machine1 have the following entry.
machine2 usr2
Assuming from machine2 you execute script on machine1:
machine2> rsh machine1 -l usr1 <command name or script>
It should work without any problem.
For eg. If you have an username "usr1" in a machine1 and
"usr2" on machine2.
In the file /home/usr1/.rhosts (Assuming this is your home directory)
of the machine1 have the following entry.
machine2 usr2
Assuming from machine2 you execute script on machine1:
machine2> rsh machine1 -l usr1 <command name or script>
It should work without any problem.
rp15, I'm not too familiar with AIX, but I believe AIX is system V unix flavor like Solaris 2.x. Although not recommended for security reasons, and I'm assuming that the loginID's home directory is the same and is nfs mounted to all the machines in question. Just create a .rhosts file in the LoginId's home directory with the following entry in it:
+ loginID
replace the loginID with the your loginID. This should give trusted access to execute any commnads to available to that loginID without any system asking you for a passwd. Note that executable commands only available to root will still not available to the loginID.
As to the script, as long as you do not execute in the background the script will wait for the previous command to finish before continuing with normal execution.
Hope this helps..
+ loginID
replace the loginID with the your loginID. This should give trusted access to execute any commnads to available to that loginID without any system asking you for a passwd. Note that executable commands only available to root will still not available to the loginID.
As to the script, as long as you do not execute in the background the script will wait for the previous command to finish before continuing with normal execution.
Hope this helps..
I would suggest using a scripting language on your AIX machine. A language like 'expect' would be able to do everything that you would do while sitting there - wait for the 'login:' or 'password:' prompt and "type" the appropriate thing in. There is a huge security problem here because the script that you feed expect would have to have your password in it so you could try to protect it by setting the permision of the file to r------- but your system administrator (root) would still be able to read it and then get access to your remote machine (but then again maybe this isn't a concern or maybe you are root).
still no answer to my questions so here is alittle of where I was headed.
A much more secure way is to have scripts running in the background of all the machines watching for a signal to run the script.
If the script is the same every time then they can even just watch for a certain login from a certain machine. If it is the same but needs a few bits of info then the script ca be watching for a small file to appear which has the variables, use the file for input on the script, then delete the file, continue watching.
There are other features of this which can be discussed but the gist of it is that a very low-permission restricted login can be used to signal a very high permission (even root) kickof of a script.
Gandalf Parker
A much more secure way is to have scripts running in the background of all the machines watching for a signal to run the script.
If the script is the same every time then they can even just watch for a certain login from a certain machine. If it is the same but needs a few bits of info then the script ca be watching for a small file to appear which has the variables, use the file for input on the script, then delete the file, continue watching.
There are other features of this which can be discussed but the gist of it is that a very low-permission restricted login can be used to signal a very high permission (even root) kickof of a script.
Gandalf Parker
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
From solaris:
rsh <machine name> -l <username> <script name>
From hp
remsh <machine name> -l <username> <script name>
You need to have the .rhosts file properly set for these commands to
work properly.
For eg. If you allow machine1 with user user1 to access your machine,
then have the following line in ~/.rhosts
machine1 user1.