On Sun, 5 May 2002, Insomniac Admin wrote: > You could use "popen" to open a ssh process and wait to be asked for the > password etc... Remember to check the RSA key pattern.
My experience, at least with recent SSH versions, is that they try very hard to verify stdin is an actual pty before accepting a password from it. This is specifically to stop people from storing passwords in cleartext. However, you can do wonderful things with key pairs. Read all about ssh-keygen. We have servers that need to do things on other servers. We store the private keys in 0400 files owned by root, create root-owned shell scripts to ssh into the remote servers and execute specific commands, and allow the web server to run those with sudo. Not perfect, but reasonably secure as long as nobody r00ts the web server. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
