I too am disappointed that NetApp doesn't include ssh as part of the core offering, especially in today's security conscious environment.
I'd like to understand more about your client/server app. I've often been frustrated by the inability to write/compile/run my own code on a NetApp.
Where is your server running, on your NetApp? What language is it in? How did you compile it? How do you run it?
If it's not running on your NetApp, how does your server make the connection to the NetApp without using rsh, and without using SecureAdmin?
Re:
Date: Thu, 28 Oct 2004 11:28:33 -0700 (PDT) From: avarni@cj.com To: Brian Parent bparent@calvin.ucsd.edu Cc: Netapp toasters@mathworks.com Subject: Re: ssh scripts
We didn't purchase Secure Admin, but I got around that by writing a little client/server app that's bound to a no-password DSA keypair. The server portion limits what actions can be requested by the clients. This way our DB servers can still initiate snapmirror requests, etc -- without using insecure rsh.
I guess this is as good as a time as any to express my dissapointment with NetApp's policy of charging extra money to be able to use ssh. I think that providing a secure remote management capability (ssh) by default should be part of the core offering.
On Wed, 27 Oct 2004, Brian Parent wrote:
Can anyone on this list confirm whether ssh can be used in place of rsh (after purchasing SecureAdmin ofcourse), without requiring the use of a password? It appears to be the case, based on the existence of the options "ssh.pubkey_auth.enable" as well as "ssh.passwd_auth.enable" on my DOT 6.4.5 systems. I'd just like to make sure before buying the SecureAdmin software because I'd rather not bother if I have to stuff the password into an expect script somewhere.
Re:
Date: Wed, 27 Oct 2004 21:07:52 +0200 From: Stefan Funke bundy@arcor-ip.de To: Robert Borowicz rbaus@swbell.net Cc: Netapp toasters@mathworks.com Subject: Re: ssh scripts
Quoting message received from Robert Borowicz:
I want to work with our DBA's to put our Oracle instances in Hot Standby to grab snapshots. Anybody got a script they use that utilizes SSH to run the snap command on a filer?
http://www.netapp.com/tech_library/3130.html
show it to your dba's and replace rsh with ssh.