Search Contact information
University of Cambridge Home Department of Engineering
University of Cambridge >  Engineering Department >  computing help >  jpmg help

ssh - non-interactive use

Introduction

This page attempts to explain some of the problems and decisions involved in non-interactive use of ssh. If you're just looking for a recipe for how to make it work, then see the ssh authorized keys HOWTO page.

The secure shell, ssh, is most simply used to run processes on remote machines interactively (that is, with the user typing the ssh command at a keyboard or equivalent).

However it is sometimes desired to run processes on remote machines automatically and without direct human involvement at the time of running. For instance, a scheduled job (cron or at job on unix systems, might need to execute something remotely, and ssh tends (in the absence of support for un-encrypted insecure protocols such as rsh or rexec) to be the mechanism of choice for this.

This can be achieved in two ways:

.shosts file

This should be discouraged in most circumstances, although on occasion it is precisely the right solution to a problem. The problem with .shosts files is that, while they're easy to set up, they do not provide very precise control over what is permitted, and can as a result make the system far more vulnerable to security problems where a successful attack on one machine results in compromise of others.

This documentation will therefore not provide a guide to this method, although it should be fairly obvious from the online man pages how to make use of it.

authorized_keys

© Cambridge University Engineering Dept
Information provided by jpmg
Last updated: 7th Jun, 2006