开发者

Best way to handle this? (Website frontend, server backend and SSH)

开发者 https://www.devze.com 2022-12-18 19:41 出处:网络
Sorry about the title, don\'t know how to phrase this. I have my own machine running Ubuntu 9.10 and I have some scripts on their that I occ开发者_开发百科asionally SSH into the machine and run. I wo

Sorry about the title, don't know how to phrase this.

I have my own machine running Ubuntu 9.10 and I have some scripts on their that I occ开发者_开发百科asionally SSH into the machine and run. I would like to make a front end interface for this in the form of a website. How would I go about having the website SSH into my machine and run these scripts?

I thought about having the website write to a database and then the scripts on the machine would always be checking for new commands in the database. This seems inefficient as it would always be running as some scripts require user input.


As you can probably guess from my comment, I don't believe your setup to be entirely a great idea from a security perspective. So here are some suggestions for what you want to accomplish:

  • If you MUST use ssh for your remote server commands, please ensure that you're only accepting connections on an internal IP, and that you don't allow root ssh logins.
  • Consider setting up a Web service on your remote server instead. It would give you greater flexibility when integrating with a front-end Web application running on a different system. Look at SOAP, REST, XML-RPC, and Protocol Buffers as possible frameworks for this.
  • Don't read a list of possible system shell commands and automatically run them from a database. Use a crontab for this.

HTH,

-aj


To automate scripts over SSH you can use pass-phrase-less keys. Understanding that this is weakening the security so you have to be extra careful about your keys, for example:

  • Put the acceptable commands in the authorized_keys file
  • Change keys frequently

As for the web access, I think you are on the right lines in terms of putting some mechanism between your web interface and the actual execution.

0

精彩评论

暂无评论...
验证码 换一张
取 消