How Can I Securely Execute Script on Remote Windows Host?

What are the most secure options to allow a command line script written on
machine A to synchronously execute another command line script written on
machine B, wait on response, and retrieve return code at the end of
execution. Assume client machine A is UNIX and server machine B is
Windows.

I need some basic encryption around the initial authentication of the client
user to the server, but could live without encryption for the rest of the
connection. Some authentication of the machines involved in the
conversation independent of user authentication (similar to SSH) would be
nice. Some ability to limit the programs that can be executed on the
target to a group of programs that have been registered in advance would be
nice.

Microsoft does have solutions like WShell and WMT, but they are based on
port 135 and DCOM. We aren't willing to open up those ports through the
firewall because too many other services get exposed on the target system
with those ports available.

There are plenty of REXEC daemons for Windows, but these appear to be
trivially written and offer no encryption to protect password traversal over
the TCP connection, no machine authentication, and do nothing to stop
execution of any arbitrary EXE on the target computer.

SSH implementations certainly cover the authentication requirements, but I
don't find a straightforward way to do a synchronous execution of a remote
EXE through the SSH pipe. I do not want to login to a remote shell and do
things manually there. I want to launch an EXE from within a client-side
script and get a return code from one command in the script that will tell
me how the program ran on the remote host after it has finished running.

A user on another newsgroup suggested that SSH can be set up to
invoke an executable on a remote host, then capture the return code to the
calling computer.

What options do I have?

--
Will


.

Relevant Pages

  • Re: Fixing a bug in executable file
    ... Possibly it is near the application entry point. ... softice to track the application execution and find the code. ... that just place NOPs or a JMP to the code after the authentication. ... Insertion of some NOP could solve that. ...
    (microsoft.public.development.device.drivers)
  • Re: How Can I Securely Execute Script on Remote Windows Host?
    ... I need some basic encryption around the initial authentication of the client ... execution of any arbitrary EXE on the target computer. ... SSH implementations certainly cover the authentication requirements, ... script and get a return code from one command in the script that will tell ...
    (comp.unix.admin)
  • Safest Way to Synchronously Execute Remote EXE From Two Windows Hosts?
    ... I'm wondering if Java offers any straightforward ways to allow a command ... I need some basic encryption around the initial authentication of the client ... authentication and execution of a specific application on the target? ... execution of any arbitrary EXE on the target computer. ...
    (comp.lang.java.security)
  • How Can I Securely Execute Script on Remote Windows Host?
    ... What are the most secure options to allow a command line script written on ... machine A to synchronously execute another command line script written on ... I need some basic encryption around the initial authentication of the client ... execution of any arbitrary EXE on the target computer. ...
    (comp.unix.admin)
  • Re: ksh silently ignores function if mistakenly not autoloaded
    ... Here's the order of execution. ... This really takes place prior to command ... Shell scripts, with all their power, have one major drawback - they ... In the Korn Shell, there are two separate syntaxes for defining ...
    (comp.unix.shell)