> We are planning on implementing 'Expect Scripts' on a few Unix / Cisco
> devices. These will log into the servers using SSH, then record a few
> basic system functions.
> I was wondering what the security and vulnerability concerns might be?
> The FAQ's on the Expect site do not contain any security issues.
It's a matter of how you store the information to connect. Will you pass
the password for login in a script or file, or will use you keys? Both
are insecure for various reasons. Personally, and this is maybe overkill
for some people, I'd just create an interface to communicate over the
network to perform only the tasks I want to have performed on the other
servers via a client-server method, which can be far more secure and
controlled. It's not really that much work involved.
Server admin, support, programming for shared & dedicated web servers
Secure, reliable hosting you expect and deserve! http://www.2host.com