say you wanted to assign a user on the netapp to create nightly oracle snapshots you would do the following to enable passwordless ssh access to the filer
1) secureadmin setup ssh - this will prompt you through ssh setup on the filer
2) use useradmin on the filer to create the role/group/user for oracle
useradmin role add oraclesnap -a login-ssh,cli-snap*
useradmin group add oraclesnap -r oraclesnap
useradmin user add oraclesnap -g oraclesnap
3) generate an ssh key for the user your script is running as on your unix/linux host, for this example we will call this user oracle
ssh-keygen -t dsa -b 1024
this will prompt you where to save the keys and a key password, just hit enter for the password do not use a password here. once done you will need a copy of the id_dsa.pub public key
4) on the filer create a user directory under /etc/sshd with the same name as the unix user above
mkdir -p /etc/sshd/oracle/.ssh
now create the authorized_keys file in that new directory and paste the id_dsa.pub key into that file
once complete your filer should have this /etc/sshd/oracle/.ssh/authorized_keys
5) ssh from the unix host as the oracle user and start issuing commands, ssh filer snap list myvolume
voila.
of course change the example for your environment, command access etc
--daniel
--
Daniel Leeds
Senior Systems Administrator
Edmunds.com
-----Original Message-----From: David McWilliams [mailto:davidkmcw@gmail.com]
Sent: Fri 8/3/2007 12:27 PM
To: Leeds, Daniel
Cc: NetApp list
Subject: Re: rsh problem
Very good point, put it down to lazyness. Where do I put the RSA keys on the
NetApp, so I don't get prompted for the password?
--
Sláinte,
David
Checkout the, sometimes updated, McWilliams family website @
http://davidmcw.tripod.com
Get a safer, faster, better web browser @
http://www.mozilla.org/products/firefox/
On 8/3/07, Leeds, Daniel <dleeds@edmunds.com> wrote:
>
> just curious why you would be using rsh for a new set of scripts since
> ssh now ships with ontap.
>
>
> --
> Daniel Leeds
> Senior Systems Administrator
> Edmunds.com
>
>
>
> -----Original Message-----
> From: owner-toasters@mathworks.com on behalf of David McWilliams
> Sent: Fri 8/3/2007 6:06 AM
> To: NetApp list
> Subject: rsh problem
>
> I'm trying to configure rsh access for some remote scripts I'm writing and
> I
> getting the following;
>
> Permission denied to rsh request from root at host 10.4.27.17 IP address
> 10.4.27.17
>
> I've got the following options set;
>
> rsh.access host=10.4.27.17
> rsh.enable on
> trusted.hosts *
>
> Any ideas anyone?
>
> --
> Sláinte,
>
> David
>
> Checkout the, sometimes updated, McWilliams family website @
> http://davidmcw.tripod.com
>
> Get a safer, faster, better web browser @
> http://www.mozilla.org/products/firefox/
>
>