当前位置: 文江博客话题详情

rsh 与 Perl 的 Expect.pm 相比有何优势?

发布于 2024-07-17 14:59:29 字数 346 浏览 8 评论 0原文

我有一个 Perl Expect.pm 脚本,它可以执行一些中等复杂的操作,例如打包应用程序、部署应用程序、检查多个远程 UNIX 主机上的日志等。

我的前任使用 rsh 编写了类似的脚本。

两者之间有更好的方法吗? 或者我应该使用不同的东西?

我猜有人会提出 SSH; 它基本上是 rsh 的替代品,对吧? 不幸的是,SSH 目前不适合我。

我应该补充的另一件事是,登录后我需要能够 SUDO 到特定用户以在远程主机上执行大部分操作。

原文

I have a Perl Expect.pm script that does some moderately complex stuff like packaging applications, deploying the application, checking for logs, etc. on multiple remote unix hosts.

My predecessor had written similar scripts using rsh.

Is there a better approach between the two? Or should I use something all together different?

I am guessing somebody will bring up SSH; it's basically replacement for rsh, right? Unfortunately, however SSH is not an option for me right now.

Another thing I should add is that after logging in I need to be able to SUDO to a particular user to do most of the actions on the remote hosts.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

请你别敷衍 2024-07-24 14:59:30

我应该添加的另一件事是,登录后我需要能够 SUDO 到特定用户以在远程主机上执行大部分操作。

为了解决这一特定问题:使用 rsh (或 ssh),您可以指定在远程会话中成为哪个用户:

$ rsh -l username hostname

无需使用 sudo 在这种情况下。 由于安全问题,现在肯定是研究 ssh 的时候了。 语法是相同的,但是 ssh 也允许稍微不同的(我想说更好)语法:

$ ssh username@hostname

我发现 expect 太挑剔了,但我的经验是并不重要。

Another thing I should add is that after logging in I need to be able to SUDO to a particular user to do most of the actions on the remote hosts.

To address this one particular point: using rsh (or ssh) you can specify which user to become in the remote session:

$ rsh -l username hostname

There's no need to use sudo in this case. Now would definitely be the time to look into ssh due to security issues. The syntax is the same, but ssh also allows a slightly different (and I'd say better) syntax:

$ ssh username@hostname

I found expect to be too finicky, but my experience with it is not substantial.

回复 原文
怎会甘心 2024-07-24 14:59:30

他们做不同的事情。 Expect 是一种编写脚本的方法,否则需要手动响应。 rsh——远程 shell,不是受限 shell,不幸的名称冲突——允许您在另一个系统上远程运行命令。

也就是说,使用 rsh 执行远程命令、运行 sudo 等的安全漏洞和其他缺点是巨大的。

They do different things. Expect is a way to script what would otherwise be manual responses. rsh -- remote shell, not restricted shell, an unfortunate name clash -- allows you to run commands remotely on another system.

That said, the security holes and other disadvantages of using rsh to do remote commands, run sudo, etc, are immense.

回复 原文
今天小雨转甜 2024-07-24 14:59:30

我可以看到多种执行此操作的方法:

  • Expect over telnet、rsh 或 ssh
    • 优点:单一连接,更少的逃逸问题
    • 缺点:在不断变化的环境中变得脆弱
  • rsh/ssh 每个命令单独
    • 优点:逃避问题更少,在不断变化的环境中更可靠
    • 缺点:每个连接都需要时间进行身份验证,并且对于 ssh,握手加密

      • 优点

  • rsh/ssh 一次所有命令
    • 优点:单连接(开销较少),比预期更可靠
    • 缺点:维护方面的脆弱性,特别是当您在其中获得大量语句时,转义问题更加普遍(在 perl 中转义,以便它仍然被 rsh/ssh 转义,以便它仍然被远程 shell 转义,以便它可以由 sudo 远程 shell 正确处理吗?)

      • 优点

  • rsh/ssh 并运行脚本
    • 优点:单连接、更可靠、更易于维护
    • 缺点:找到一种方法将其传输到那里(rcp/scp 工作,NFS 工作,您需要确定最适合您的方法)。

考虑到所有因素,这是最轻微的缺点,因为您可以简单地执行类似的操作,

 open my $fh, "|ssh user@host 'cat > /tmp/myscript'";
 print $fh $script;
 system qw(ssh user@host), "chmod u+x /tmp/myscript; /tmp/myscript; rm /tmp/myscript";

当然,您可以添加一些错误处理(打开失败,如果 /tmp/myscript 存在怎么办等),但这就是想法。

I can see multiple ways of doing this:

  • Expect over telnet, rsh, or ssh
    • pros: single connection, fewer escaping issues
    • cons: fragility in a changing environment
  • rsh/ssh each command individually
    • pros: fewer escaping issues, more reliable in a changing environment
    • cons: each connection takes time for authentication, and, for ssh, handshaking the encryption
  • rsh/ssh all commands at once
    • pros: single connection (less overhead), more reliable than expect
    • cons: fragility in maintenance especially as you get more than a handful of statements in there, escaping issues are more prevalent (escape in perl so that it's still escaped by rsh/ssh so that it's still escaped by the remote shell so that it's properly handled by the sudo'd remote shell?)
  • rsh/ssh and run a script
    • pros: single connection, more reliable, more maintainable
    • cons: finding a way to get it over there (rcp/scp work, NFS works, you need to determine the best way for you).

All things considered, this is the most minor con as you could simply do something like

 open my $fh, "|ssh user@host 'cat > /tmp/myscript'";
 print $fh $script;
 system qw(ssh user@host), "chmod u+x /tmp/myscript; /tmp/myscript; rm /tmp/myscript";

Of course, you'd add in some error handling (failed open, what if /tmp/myscript exists, etc.), but that's the idea.

回复 原文
梦亿 2024-07-24 14:59:30

如果通过 expectrshtelnet 之间进行选择,我会选择 rshExpect 脚本很脆弱。 破坏一个只需有人更改远程计算机上的 PS1 值即可。 使用 rsh 还可以为您最终进入 90 年代并开始使用 ssh 做好准备(因为您通常只需将 rcp 更改为 < code>scp 和 rshssh 并且一切仍然有效)。

Given a choice between rsh and telnet via expect, I would chose rsh. Expect scripts are fragile. All it takes to break one is someone changing the value of PS1 on the remote machine. Using rsh also prepares you for the day you will finally enter the '90s and start using ssh (since you can mostly just change rcp to scp and rsh to ssh and everything still works).

回复 原文
~没有更多了~

关于作者

淡笑忘祈一世凡恋

暂无简介

0 文章
0 评论
22 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

留蓝

文章 0 评论 0

18790681156

文章 0 评论 0

zach7772

文章 0 评论 0

Wini

文章 0 评论 0

ayeshaaroy

文章 0 评论 0

初雪

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文