[ Pobierz całość w formacie PDF ]
.It's even possible to copy a file from a remote host to some other remote host,but it is something you wouldn't normally want to do, because all of the data travels via your host.You can execute commands on remote hosts using the ssh command.Again, its syntax is very simple.Let'shave our user maggie retrieve the root directory of the remote host vchianti.vbrew.com.She'd do this with:$ ssh vchianti.vbrew.com ls -CF /maggie@vchianti.vbrew.com's password:bin/ console@ dos/ home/ lost+found/ pub@ tmp/ vmlinuz@boot/ dev/ etc/ initrd/ mnt/ root/ usr/ vmlinuz.old@cdrom/ disk/ floppy/ lib/ proc/ sbin/ var/You can place ssh in a command pipeline and pipe program input/output to or from it just like any other com-mand, except that the input or output is directed to or from the remote host via the ssh connection.Here is anexample of how you might use this capability in combination with the tar command to copy a whole directorywith subdirectories and files from a remote host to the local host:$ ssh vchianti.vbrew.com "tar cf - /etc/" | tar xvf -maggie@vchianti.vbrew.com's password:etc/GNUstepetc/Muttrcetc/Netetc/X11etc/adduser.conf. 181Here we surrounded the command we will execute with quotation marks to make it clear what is passed as anargument to ssh and what is used by the local shell.This command executes the tar command on the remotehost to archive the /etc/ directory and write the output to standard output.We've piped to an instance of the tarcommand running on our local host in extract mode reading from standard input.Again, we were prompted for the password.Now you can see why we encouraged you to configure ssh so thatit doesn't prompt you for passwords all the time! Let's now configure our local ssh client so that it won't promptfor a password when connecting to the vchianti.vbrew.com host.We mentioned the.ssh/authorized_keys fileearlier; this is where it is used.The.ssh/authorized_keys file contains the public keys on any remote user ac-counts that we wish to automatically log in to.You can set up automatic logins by copying the contents of the.ssh/identity.pub from the remote account into our local.ssh/authorized_keys file.It is vital that the file permis-sions of.ssh/authorized_keys allow only that you read and write it; anyone may steal and use the keys to log into that remote account.To ensure the permissions are correct, change.ssh/authorized_keys, as shown:$ chmod 600 ~/.ssh/authorized_keysThe public keys are a long single line of plain text.If you use copy and paste to duplicate the key into your localfile, be sure to remove any end of line characters that might have been introduced along the way.The.ssh/authorized_keys file may contain many such keys, each on a line of its own.The ssh suite of tools is very powerful and there are many other useful features and options that you will beinterested in exploring.Please refer to the manual pages and other documentation that is supplied with the pack-age for more information. 182Chapter 13 - The Network Information SystemWhen you're running a local area network, your overall goal is usually to provide an environment for your usersthat makes the network transparent.An important stepping stone is keeping vital data such as user account in-formation synchronized among all hosts.This provides users with the freedom to move from machine to ma-chine without the inconvenience of having to remember different passwords and copy data from one machine toanother.Data that is centrally stored doesn't need to be replicated, so long as there is some convenient means ofaccessing it from a network-connected host.By storing important administrative information centrally, you canmake ensure consistency of that data, increase flexibility for the users by allowing them to move from host tohost in a transparent way, and make the system administrator's life much easier by maintaining a single copy ofinformation to maintain when required.We previously discussed an important example of this concept that is used on the Internet -- the Domain NameSystem (DNS).DNS serves a limited range of information, the most important being the mapping between host-name and IP address.For other types of information, there is no such specialized service [ Pobierz całość w formacie PDF ]