• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 14375
  • Last Modified:

rexec and shell scripts

How do I invoke rexec in a shell script? we use solaris 8 and what are the permissions for a non su user? should we make any entries in hosts files to execute this command? Most of the man pages are not much help on executing rexec from shell script. ANy help on this would be great! Thanks.
0
rsastry
Asked:
rsastry
3 Solutions
 
jlevieCommented:
There's nothing difficult about using rexec or rsh within a script to execute a command on a remote system, provided that the user running the script has a correct .rhosts file on the remote so they don't have to enter a password. With a valid .rhosts file on the remote you can do something like:

rsh remote-system chmod 0644 some-file

However, if you can't set up the remote to allow unchallenged rsh or rexec access via .rhosts or hosts.equiv then you need to consider using expect as the scripting language. It operates on a send/expect model so it can issue a command (send "rsh remote chmod 0644 some-file\r") wait for the password prompt (expect "Password") and then send the password (send "my-passwd\r").
0
 
chris_calabreseCommented:
True for 'rsh', but not necessarily for 'rexec' since Solaris does not have a shell-level utility to call 'rexec' directly.

What's the difference? rexec is a generalization of rsh that allows more file descriptor plumbing than the standard stdin/stdout/stderr.

HP-UX, for example, has a seperate rexec command.
0
 
rsastryAuthor Commented:
Thanks for the info. So in solaris what is the alternative for rexec that can be used in a shell script? to make rsh work do I need to do anything specific on the local and remote hosts? (like starting the rsh service ?)
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
jlevieCommented:
The remote hosts must have an rsh server available and reachable. This won't necessarily be the case on all systems for security reasons. RedHat (and some other Linuxen) don't install or enable insecure protocols like rsh, rlogin, telnet, etc) be default. And quite a few sys admins will disable those on systems that do provide the server by default.

To avoid having to deal with passwords for rsh within a script you can create an .rhosts file in the user's home dir on the remote system (see 'man rhosts' for details).  
0
 
chris_calabreseCommented:
Or better yet, ditch rsh/rexec altogether in favor of  Secure Shell (ssh).

SSH is a drop-in replacement for rsh/rexec, encrypts data/passwords, allows cryptographic authentication mechanisms, and is available from sunfreeware.com for Solaris (and available for all kinds of other platforms too).
0
 
TintinCommented:
Also ssh comes standard on Solaris 9.

rsh and rexec are getting pretty ancient now and existed in a time where security wasn't an issue.
0
 
yuzhCommented:
In Solaris you can rsh as stated in  jlevie's first comment. (if the "r"* services are enable, it
is enable by default, but a lot of adm guy disable them, and it is a security hole on the system !),
and you have setup .rhosts file in you Sun boxes.

I think most of people use secure shell -- ssh instead of rsh. you can download openssh from:
http://sunfreeware.com/

for your version of Solaris.

For using ssh in a script, you can choice to setup ssh connetion without password, or use
expect script to handle the password.

Just do a search at EE, you can find  a lot of example about setup ssh without password,
ssh + expect ect.

0
 
ahoffmannCommented:
.. and don't forget to remove the .rhosts files, and/or disable reading it in sshd_conf
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now