Thank you for all who replied to my post. My original question was: Is it possible to dump a filesystem from Solaris box to a Linux box? from my linux box I do: #ssh solarisbox ufsdump 0f linuxbox:/dev/tape /remote_filesystem but I got an error message: DUMP: Permission denied. DUMP: Cannot connect to tape host `solarisbox' DUMP: The ENTIRE dump is aborted. Is it possible to dump a filesystem from Solaris box to a Linux box? from my linux box I do: #ssh solarisbox ufsdump 0f linuxbox:/dev/tape /remote_filesystem but I got an error message: DUMP: Permission denied. DUMP: Cannot connect to tape host `solarisbox' DUMP: The ENTIRE dump is aborted. the solarisbox hostname is in /etc/hosts.equiv and /etc/ssh/shosts.equiv of my linux box. I even add it to .hosts file. Solution: 1.) Two problems: (a) ufsdump uses rsh, and rsh ONLY. So the tapehost needs to be accepting rsh connections from the Solaris host. (b) ufsdump relies on rmt's "S" (status) command, which is platform-dependent. If your tapehost has a standard Linux implementation of /etc/rmt, things won't work. It shouldn't be too difficult to modify rmt on Linux to be Solaris-compatible. What people usually do is ufsdump -f - | [rs]sh tapehost dd of=/dev/tape. One example is: #ssh solarisbox ufsdump 0f - /remote_filesystem | ssh linuxbox dd of=/dev/tape 2. AUTOMATIC ROOT AUTHENTICATION VIA PUBKEY FOR OPENSSH Introduction: As secure replacement for rsh (and other r* and telnet commands), I have setup automatic root authentication thru RSA pubkey. Once you are logged in a root in any of the unix machines, there is no need to type a password when you connect to another machine. To do this: a) Generate a pair of RSA id keys using ssh-keygen and copy the generated keys to appropriate files in the /.ssh directory: ssh-keygen -t rsa cp id_rsa identity cp id_rsa.pub identity.pub cp id_rsa.pub authorized_keys Note: Dont put any passphrase. If you want passphrase, you must activate ssh-agent forwarding. b) Copy all files generated above to all unix machines /.ssh directory. This must be the last application of rcp/rsh. :) c) Before you can proceed, you must generate a list of host-keys. This can be done by concatenating all /etc/ssh/ssh_host_rsa_key.pub and/or /etc/ssh/ssh_host_d sa_key.pub together. This is tedious ! The output goes to /etc/ssh/ssh_known_hosts of all unix machines and must be world readable. d) Afterwards, 'ssh remote_machine' as root should not ask for root passwd anymore. Ssh has now replaced the insecure rsh and .rhosts. The latter can now be decimated. Note: In the sshd_config, you must have: PermitRootLogin yes and AllowedAuthentication must be pubkey OR passwd. There must be no RequiredAuthentication option. 3. In your linuxbox:/root/.ssh change the name of ssh_known_hosts to ssh_known_hosts2. -- Lito A. Lampitoc Foundation for Communication Initiatives phone:+63(2)8941345 CodeWAN Project http://www.codewan.com.ph -- Things which matter most must not be in the mercy of things which matter least" - Goethe. _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Mon Feb 18 00:11:18 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:34 EST