I'm probably venturing off topic a bit here, but for an
example of how to pull logs using ssh from cron, read on...

In the last day or two, Minh wrote:

MD> To get to your log files, you will need the sftp.lrp
MD> module.

And Patrick replied:

> Ok, sounds good...  I'm guessing this goes along with the ssh.lrp 
> package (which I've already set up) & I'm guessing sftp also comes
> in the ssh package in most distros?  Now all I need is a newbie
> help file on setting up a cron job...  any suggestions? :)

On Wed, 27 Nov 2002 13:43:52 PST Minh wrote:

> Sftp uses ssh protocols.  It should be found with all
> the optional Bering lrp modules.
> 
> I might be wrong about sftp, though.  I read up some
> more, and it appears that sftp cannot pass the
> password through batch (non-interactive) mode.  This
> is probably a security risk.

The best way to use ssh, scp or sftp--all three can be used
to copy files--in an unattended fashion is with keys.  The
technique I would use (there are other variations that would
work) is to create a key pair to be used only for pulling
logs.  Save the private key without a passphrase on a trusted
computer.  Then use .ssh/authorized_keys on the firewall to
limit that key to only running one command.

Below is an example that is partially untested.  I know the
technique works, but I may have made typos or slight syntax
errors.

On the firewall in ~/.ssh/authorized_keys either in the root
account or another account that has access to the log files:

  command="tar c /var/log/*.0 | gzip -c -",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-dss [the key here]

From the trusted computer run:

  ssh -i key_for_pulling_logs user@thefirewall \
    > log_archive-`date -d yesterday +%Y%m%d`.tar.gz

manually or via cron.

It takes a bit of reading and practice to get familiar with
ssh and public key authentication, but if you do much *nix
system administration, it's *definitely* worth knowing.

--Brad
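
Added example, not part of Brad's original post: a small POSIX shell check that reads an authorized_keys file on stdin and reports, per entry, whether the key is limited to a forced command with the pty and forwarding restrictions used above. The function names, the sample entries and the AAAA_PLACEHOLDER key material are constructed for illustration; the "restrict" option it also accepts is OpenSSH's newer shorthand and does not appear in the post.

```sh
#!/bin/sh
# Added example: audit authorized_keys entries read from stdin.
# Prints "<line-no> OK", "<line-no> WEAK missing: ..." or
# "<line-no> UNRESTRICTED no options" for every key entry.
audit_keys() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in ''|'#'*) continue ;; esac
        # Blank out quoted values so the spaces and commas inside
        # command="..." cannot be mistaken for separators, then keep the
        # first field. Escaped quotes (\") inside a value are not handled.
        opts=$(printf '%s\n' "$line" | sed 's/"[^"]*"/""/g' |
               tr '[:upper:]' '[:lower:]')
        opts=${opts%%[[:space:]]*}
        case $opts in
            ssh-*|ecdsa-*|sk-*)   # first field is a key type: no options at all
                echo "$n UNRESTRICTED no options"; continue ;;
        esac
        missing=
        case ",$opts," in *',command="",'*) ;; *) missing=" command" ;; esac
        case ",$opts," in
            *,restrict,*) ;;      # newer OpenSSH shorthand for all restrictions
            *) for o in no-pty no-port-forwarding no-x11-forwarding \
                        no-agent-forwarding; do
                   case ",$opts," in *",$o,"*) ;; *) missing="$missing $o" ;; esac
               done ;;
        esac
        if [ -z "$missing" ]; then echo "$n OK"; else echo "$n WEAK missing:$missing"; fi
    done
}

# Constructed sample file; the key material is a placeholder, not a real key.
sample_keys() {
    cat <<'EOF'
# log-pull key, restricted as in the post
command="tar c /var/log/*.0 | gzip -c -",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-dss AAAA_PLACEHOLDER logpull
command="tar c /var/log/*.0 | gzip -c -",no-pty ssh-dss AAAA_PLACEHOLDER partial
ssh-rsa AAAA_PLACEHOLDER admin no-pty
EOF
}

sample_keys | audit_keys
```

To check a real file, run audit_keys < ~/.ssh/authorized_keys on the firewall; the last sample entry shows that option names appearing only in the trailing key comment are not counted.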



------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html