PUBLIC MARKS with tag ssh

’Scripts Shell sous Linux’ chez ENI 10 novembre 2008 dans Livres Ce livre sur les scripts shell présente la mise en œuvre de projets dans un environnement industriel. Les 5 projets détaillés couvrent la plupart des besoins en scripts rencontrés en entreprise. Ils ont été conçus et présentés de telle sorte que leur adaptation à des besoins spécifiques sera aisée pour le lecteur. Les thèmes couverts traitent de la gestion des comptes utilisateurs, des sauvegardes de fichiers, des sauvegardes systèmes, de la gestion des disques, des communications entre serveurs, des mécanismes de surveillance et des scripts de démarrage. Ces projets abordent des approches différentes de la programmation en shell, tels que les gros projets qui utilisent plusieurs scripts avec des fichiers de configuration et de journalisation, ou le script unique complet et autonome. Des concepts de base sont détaillés comme les menus interactifs, la crontab, des fichiers systèmes, la sécurité SSH et les clés. Les scripts shell traités dans le livre sont en téléchargement sur cette page. A noter que le livre numérique est offert par l’éditeur pour l’achat du livre imprimé jusqu’au 31 décembre 2008. "Scripts Shell sous Linux : Mise en œuvre de 5 projets", de Théo SCHOMAKER et Jean-Marc BARANGER", ENI Editions. 37 euros. ISBN : 978-2-7460-4617-7

Many people use SSH to log in to remote machines, copy files around, and perform general system administration. If you want to increase your productivity with SSH, you can try a tool that lets you run commands on more than one remote machine at the same time. Parallel ssh, Cluster SSH, and ClusterIt let you specify commands in a single terminal window and send them to a collection of remote machines where they can be executed. Why you would need a utility like this when, using openSSH, you can create a file containing your commands and use a bash for loop to run it on a list of remote hosts, one at a time? One advantage of a parallel SSH utility is that commands can be run on several hosts at the same time. For a short-running task this might not matter much, but if a task needs an hour to complete and you need to run it on 20 hosts, parallel execution beats serial by a mile. Also, if you want to interactively edit the same file on multiple machines, it might be quicker to use a parallel SSH utility and edit the file on all nodes with vi rather than concoct a script to do the same edit. Many of these parallel SSH tools include support for copying to many hosts at once (a parallel version of scp) or using rsync on a collection of hosts at once. Because the parallel SSH implementations know about all the hosts in a group, some of them also offer the ability to execute a command "on one host" and will work out which host to pick using load balancing. Finally, some parallel SSH projects let you use barriers so that you can execute a collection of commands and explicitly have each node in the group wait until all the nodes have completed a stage before moving on to the next stage of processing.

Access your Bonjour Services from anywhere, securely. Scenario: You've just purchased a brand new iMac and MacBook and are simply loving it. You've set up your home or office network exactly the way you want it. You have file sharing between the two machines and can transfer your documents easily between them; you can listen to your iMac's iTunes Library from the MacBook and view your MacBook's iPhoto Library from your iMac. Everything on your network works exactly as you want it to and life is beautiful. What happens when you have to leave (i.e. work or travel) the comfort of your new custom configured network? Wouldn't it be nice to know that with one mouse click you will be able to access almost everything you've just setup from anywhere in the world securely? Before ShareTool, this was simply not possible without an extremely (if at all possible) complicated setup even for those in the know. Not anymore! With ShareTool, that complex procedure is reduced to a simple mouse click and as a result, yes, you can be at two places at the same time! ShareTool lets you access all of the Bonjour services on your home network from anywhere in the world. This includes iTunes Music Sharing, Screen Sharing, File Sharing, printing, and more. With ShareTool, you can listen to your entire iTunes music library at work, control the screen of any of your home computers, or grab that important file you forgot to bring with you. And this is simply the tip of the iceberg. With ShareTool, it's as if you've never left your own network! Some of the new features of ShareTool include the following: Simple Setup: ShareTool automatically configures routers supporting NAT-PMP or UPnP. Easy Access: Remote services automatically appear in Finder, iTunes, and other applications. Compatibility: ShareTool enables remote access for any application or service that advertises itself using Bonjour and runs over TCP/IP. Security: All network traffic is strongly encrypted. Access to your services requires your Mac OS X username and password. Dynamic domain name support On the fly compression: Transfer large files quickly. Secure web browsing: surf the internet using your own browser securely. and much more!

Many times, you want to execute a command not only on one server, but also on several servers. For example, find out * Version of kernel * Version of Apache web server * Update static html or images files on all web servers via rsync * Find out user information, server information, memory usage etc * Security/patch checking tentakel I have already covered how to execute commands on multiple Linux or UNIX servers via shell script. The disadvantage of script is commands do not run in parallel on all servers. However, several tools exist to automate this procedure in parallel. With the help of tool called tentakel, you run distributed command execution. It is a program for executing the same command on many hosts in parallel using ssh (it supports other methods too). Main advantage is you can create several sets of servers according requirements. For example webserver group, mail server group, home servers group etc. The command is executed in parallel on all servers in this group (time saving). By default, every result is printed to stdout (screen). The output format can be defined for each group.

Have you ever wanted to ssh to your Linux box that sits behind NAT? Now you can with reverse SSH tunneling. This document will show you step by step how to set up reverse SSH tunneling. The reverse SSH tunneling should work fine with Unix like systems.

client SSH open-source

Secure FTP, FTP/SSL, SFTP, FTPS, FTP. What's the difference?

This guide demonstrates using SSH tunnels and VNC screen-sharing software to use your Mac from any PC over the Internet. It’s fast, secure, cross-platform, and can be done entirely with open source software.

L’idée était de profi ter du dimensionnement de ce petit monstre pour monter une plate-forme architecturée autour de Xen. Vous le savez peut-être, chez GCU, on est très BSD. Nous avions donc à l’esprit de monter l’architecture suivante : * dom0 sous NetBSD ; * domU shells, destiné à accueillir des accès ssh pour les membres du groupe ayant cotisé à la mirobolante dîme annuelle ; * domU services, qui hébergera les services classiques hors HTTP ; * domU gcu où se trouvera le site principal et ses moult plugins ; * domU www, domaine où nous hébergerons les sites tiers. Afin de profi ter au maximum de ce nouveau matériel, nous envisagions également, naïfs que nous sommes, de n’avoir que des systèmes de type amd64. Nous verrons que cet espoir s’est envolé. Il est important de noter que si NetBSD dispose d’une version dotée d’un noyau de type domU, ce n’est pas le cas d’OpenBSD, aussi, c’est uniquement grâce au mode HVM (Hardware Virtual Machine) de Xen que nous serons en mesure de mettre en place des domUs ne bénéficiant pas de noyaux modifiés.

Commençons tout d’abord par expliquer les quelques termes alambiqués du titre de ce billet pour les néophytes : * SFTP signifie « Secure File Transfer Program », c’est un programme permettant de transférer des fichiers en utilisant une liaison chiffrée par SSH (Secure SHell) ; attention à ne pas confondre SFTP avec FTPS qui signifie pour sa part « File Transfer Protocol over SSL » ! * chroot est un programme permettant de changer le répertoire racine d’un processus afin que ce dernier n’ai accès qu’à une partie limitée de l’arborescence. * scponlyc est un shell limité destiné uniquement aux transferts de fichiers dans un chroot. Le but du jeu est donc de permettre à un utilisateur de transférer des fichiers sur un serveur de manière sécurisée sans qu’il n’obtienne pour autant un shell et sans qu’il lui soit permit de voir l’arborescence du serveur.