ssh
ssh , short for secure shell, provides a secure shell on a remote system.
See Also
- openssh
- An open implementation of the secure protocol for working with remote shells.
- ssh.com
- Another site at least associated with source code base for SSH implementations.
- ssh and Tcl sockets , 1998-11-03
- Includes an example that uses Tcl together with ssh.
- SecPanel
- Serves as a GUI for managing and running SSH (Secure Shell) and SCP (Secure Copy) connections.
Description
The security infrastructure of SSH is completely separate from that of SSL.
- SSH — Secure (Remote) Shell
- Typically used to connect securely to a machine where you have an account. At heart, it is a "secure telnet" which however can carry lots of other traffic (forwarded IP ports, file transfers) within the encrypted connection.
- SSL — Secure Sockets Layer
- Provides a secure connection without requesting login, but the server is typically expected to authenticate its identity.
ssh with sudo
This isn't directly related to Tcl, but I didn't see a simple answer anywhere else, so here is a an example of sh command to connect to a remote system and execute a command on that system as another user without exposing the password that sudo prompts for. In this example, the task is to back up the entire filesystem starting at root:
(
printf 'Enter sudo password: ' >&2
stty -echo; read; stty echo
exec 3<<<"$REPLY"
rsync -ACHXavzPie 'bash -c '\''{ cat <&3; cat -; } \
| ssh "$@" &'\'' fakearg0forsh ' --rsync-path "sudo -S rsync" \
--backup-dir=/path/to/backupchanged --fake-super \
--exclude=/dev/ --exclude=/mnt/ --exclude=/proc \
--exclude=/tmp/ --exclude=/sys \
<username>@<host>:/ /path/to/backupdir/
)Discussion
Anyone know of a Tcl extension binding to one of the ssh libraries?
Perhaps D. J. Hagberg's example of port forwarding, from 1998 [L1 ] is useful.
CMcC I've thrown together some code to allow remote ssh tcl execution.
hkoba: You can also use comm via ssh to send/eval any script to remote host.
AMG: I whipped up a Tcl script that allows you to ssh to multiple hosts at the same time, using a single command and a single set of stdin/stdout/stderr. Try running bash with it, heh heh. (It really works!) For details, see multissh.
Justis: The TclCURL library seems to have some SSH features compiled into it: [L2 ]
Russell Treleaven reports [L3 ] that he successfully automates ssh client sessions on a Windows host with ActiveState's Expect and the ssh2 executable [L4 ]. He uses the "send slow" option. Both of these applications are proprietary.
TV: I've within some limitations, used the cygwin ssh facility, which is quite extensive, except varying from a drag to requiring out of package documentation to install. It is almost unix, though. It also contains working executables to use openSSL to create and deal with certificates, I used it successfully to make a secure httpd tick, except I forgot how.