Re: PuTTY fails to compile using gcc on Solaris

From: Bernd Felsche (bernie_at_innovative.iinet.net.au)
Date: 07/20/04 

Date: Tue, 20 Jul 2004 09:47:52 +0800

tagin2tech@yahoo.ca (Nyssa) writes:

>per@hedeland.org (Per Hedeland) wrote in message
>news:<cdg2pm$2fdc$1@hedeland.org>...
>> In article <3b8a6443.0407181515.280317b1@posting.google.com>
>> tagin2tech@yahoo.ca (Nyssa) writes:
>> >
>> >My intention was to incorporate plink in a script as it allows for the
>> >ability to prompt for a password at the command prompt when
>> >establishing a connection from my host to the destination server.

>> In that case I'd really have to agree with Michael - why not just use
>> the "standard" ssh client in OpenSSH, it can obviously do that too
>> (unless I misunderstand what you want). I could imagine someone wanting
>> PuTTY for the GUI/menus stuff that xterm + OpenSSH won't provide - but
>> for the commandline functionality I see no point (nothing wrong with
>> PuTTY/plink I'm sure, but OpenSSH has "a few" more years of building/
>> running on Unix in general, and Solaris in particular, under the belt).

>I'm only familiar with the very basics of ssh, specifically I know
>that from a command prompt I can specify "ssh <user>@<target_host>"
>and I can supply a password rather than rely on keys if that user only
>has a local account on the target host (saves the hassle of having to
>administer and maintain keys, especially when we have to rely on
>another group to set this up), but that command will prompt to enter
>in the password. I don't know if the same goes for scp or sftp but I
>don't believe there's an option to define the password from command
>line. The PuTTY tools like plink and pscp allows the specification of
>the password right on the command line, for example "plink -pw
><passwd> <user>@<target_host>" which makes it simpler to put in a
>script. I am fairly new to scripting and given the timeline for the

Simple/easy as opposed to secure. The reason for not putting the
passowrd on a command line is that there are a number of means by
which it could be viewed by other users on the same machine.

If you're not worried about users snooping passwords and other
sensitive information, then use rsh/rcp.

OTOH; if the data are worth protecting, then the effort of
generating keys is a small investment in security.

>From the ssh man page:

     ssh implements the RSA authentication protocol automatically.
     The user creates his/her RSA key pair by running ssh-keygen(1).
     This stores the private key in $HOME/.ssh/identity and the
     public key in $HOME/.ssh/identity.pub in the user's home
     directory. The user should then copy the identity.pub to
     $HOME/.ssh/authorized_keys in his/her home directory on the
     remote machine (the authorized_keys file corresponds to the
     conventional $HOME/.rhosts file, and has one key per line,
     though the lines can be very long). After this, the user can
     log in without giving the password. RSA authentication is much
     more secure than rhosts authentication.

>task I was given, I was not sure if I will be able to learn how to
>handle interactive sessions in my script in a timely manner (since
>this part is only a very small chunk of my requirements). Of course,
>this is not the most secure way and my user may end up insisting I use
>OpenSSH with secure keys, which then negates my effort here. But I
>wanted to explore all the possible options and be able to present
>these to my user/client before starting the project. :) 

-- 
/"\ Bernd Felsche - Innovative Reckoning, Perth, Western Australia
\ /  ASCII ribbon campaign | I'm a .signature virus!
 X   against HTML mail     | Copy me into your ~/.signature
/ \  and postings          | to help me spread!

Relevant Pages