Menu

FAQ

Carlos Celso de Almeida

Return HOME

QUESTIONS

1. Can i request free support to install or use?
2. Which commands are available?
3. Which commands i must keep in non-root users clients?
4. Does RCMD have a command to copy files?
5. Can i use a remote database engine?
6. How to check if my credentials not working?
7. Can i use an other database engine?
8. Can i use non-root users?
9. Can i use multiple users?
10. What means "File History Error, permission denied"
11. Do i have a history of all commands or scripts sent by RCMD?
12. Can i debug the probe process?
13. Can i assign system ENVIRONMENT before ssh commands?
14. Can i assign additional options in the ssh commands?
15. Whats means 'RCMD INTERNAL ERROR' message?
16. Can i re-install the rcmd modules without rebuild my database?
17. Can i be root using one non-root user as default login to send the commands?
18. Can i be root user using use one non-root remote user as default login without local?
19. Can i enable public access in my private keys?
20. How i assign special TCP Port for specific node?
21. How can i fix: "unable to negotiate with [my_ip] port 22: no matching host key type found. their offer: [client_key]"

ANSWERS

FAQ: Can i request free support to install or use?

    Answer: YES, open the ticket in the project

See: Support

FAQ: Which commands are available?

    Answer: The command have two commands: rcmd and rcmdmgnt. See:

    # rcmd -help
    # rcmdmgnt -help

FAQ: Which commands i must keep in non-root users clients?

    Answer: You must keep:

    # /usr/lib/local/bin/rcmd
    # /usr/lib/local/bin/rcmdlib.pm

    i can remove:

    # rm -f /usr/lib/local/bin/rcmdmgnt
    # rm -f /usr/lib/local/bin/rcmdprobe

    Use readonly database login in the /etc/rcmd.d/rcmd.conf

FAQ: Does RCMD have a command to copy files?

    Answer: NO. only commands to send 'remote commands'.

FAQ: Can i use a remote database engine?

    Answer: YES. The credentials may be required.

See: CPAN SQL::SimpleOps Module

FAQ: How to check if my credentials not working?

    Answer: Go to your client node and try iteractive access on the
    database. The credentials must be works.

    # mysql -h [db_server] -D [db] -u [login] -p
    # psql -h [db_server] -b [db] -U [login] -p

FAQ: Can i use an other database engine?

    Answer: NO, Depends of Perl SQL::SimpleOps module support.

See: CPAN SQL::SimpleOps Module

FAQ: Can i use non-root users?

    Answer: YES. The 'sudoers' may be required.

FAQ: Can i use multiple users?

    Answer: YES. The 'sudoers' may be required.

FAQ: What means "File History Error, permission denied"?

    The command has ben executed without R/W permission access in the work area
    You must create a local group for non-root users

    I.E: group name: rcmdusers

    # groupadd rcmdusers
    # chgrp -R rcmdusers [workfolder] (default: /var/lib/rcmd)
    # usermod -G rcmdusers [non_root_user]

FAQ: Do i have a history of all commands or scripts sent by RCMD?

    Answer: YES, locally in the clients. no database history exists.
    # ls /var/lib/rcmd/history

FAQ: Can i debug the probe process

    Answer: YES, Run 'sh -x /usr/local/bin/rcmdprobe'

    NOTE: You can copy this script into '[client]:/tmp' and do it

See: rcmdprobe

FAQ: Can i assign system ENVIRONMENT before ssh commands?

        Answer: YES, see 'ENV option' in /etc/rcmd.d/rcmd.conf

FAQ: Can i assign additional options in the ssh commands?

        Answer: YES, use '-ssh-option' in 'rcmd' and 'rcmdmgnt'

FAQ: Whats means 'RCMD INTERNAL ERROR' message?

    Answer: The internal rcmd modules is corrupt!
    Re-install the RCMD may be required.

FAQ: Can i re-install the rcmd modules without rebuild my database?

    Answer: YES, the re-install process do not make any changes in your database.

FAQ: Can i be root using one local non-root user as default login to send the commands?

    Answer: YES

    a) create the local;

       # useradd [mylogin]

    b) create the ssh keys into ~[mylogin]/.ssh folder

      # ssh-key-gen ...

        NOTE: The 'ssh-keygen' will create the .ssh folder

    c) create config file in .ssh folder (optional)

       # echo StrictHostKeyChecking no > ~[mylogin]/.ssh/config
       # chown [mylogin] ~[mylogin]/.ssh/config

    d) assign the [mylogin] in the /etc/rcmd.d/rcmd.conf

         set SSH_LOGIN [mylogin]

        NOTE: you dont need defines the SSH_PRIVATE_KEY, the RCMD will use the '.ssh' as default.

    e) export the created keys for your clients.

       folder: ~[mylogin]/.ssh

FAQ: Can i be root user using use one non-root remote user as default login without local?

    Answer: YES, restrictions is only root users can be used as command client.

    a) create the ssh keys into [mykeyfolder] folder (i.e: /etc/rcmd.d/keys)

        # mkdir /etc/rcmd.d/keys
        # chmod 0500 /etc/rcmd.d/keys

    b) add the line in the /etc/rcmd.d/rcmd.conf

        set SSH_LOGIN [mylogin]
        set SSH_PRIVATE_KEY [mykeyfolder]/myprivatekey1.pub
        ...
        set SSH_PRIVATE_KEY [mykeyfolder]/myprivatekeyN.pub

    c) export the created keys for your clients.

FAQ: Can i enable public access in my private keys

    Answer: YES, but is not recommended, is not a best security practices.

FAQ: How i assign special TCP Port for specific node?

i.e:

    # ssh -p [myport] [myclient] ...

    # rcmd -ssh_port [myport] [myclient] ...
or
    # rcmdmgnt -assign -option ssh_port:[myport] [myclient]
and
    # rcmd [myclient] ...

FAQ: How can i fix: "unable to negotiate with [my_ip] port 22: no matching host key type found. their offer: [client_key]"

- 'my_ip' is the client ip address and;
- 'client_key' is the client supported ssl keys as try for the remote access)
- the RCMD-0.3.2 is required

BEWARE: This schenarios are obsoletes and may be unsecure connection.
The best practices is refresh the SSH client and server to supported versions.

Check the SSH options that to you need assign on the client.

i.e:

    # ssh -o HostKeyAlgorithms=+[mytypes]
        -o PubkeyAcceptedAlgorithms+[mykeys]
        -c [mycipher_specs] [myclient1] [mycommand]

a) using options by command:

    # rcmd -ssh-option HostKeyAlgorithms=+[mytypes]
     -ssh-option PubkeyAcceptedAlgorithms+[mykeys]
     -ssh-cipher [mycipher_specs] [myclient1,myclient2] [mycommand]

   NOTE: This format will be applied for all clients in [myclient list]

b) based /etc/rcmd.d/rcmd.conf:

   set SSH_OPTION HostKeyAlgorithms=+[mytypes
   set SSH_OPTION PubkeyAcceptedAlgorithms+[mykeys]
   set SSH_CIPHER [mycipher_specs]

    # rcmd [myclient] [mycommand]

   NOTE: This option will be enforced for all clients in [myclient list]

c) assigning in the client:

    # rcmdmgnt -assign
     -option ssh_options:HostKeyAlgorithms=+[mytypes]
     -option ssh_options:PubkeyAcceptedAlgorithms+[mykeys]
     -option ssh_cipher:[mycipher_specs] myclient1
   and
    # rcmd [myclient1,myclient2] [mycommand]

   NOTE: The clients will be different ssh options.
   NOTE: The special options will be for 'myclient1' only.
   NOTE: If the 'myclient1' has been system refreshed (SSH upgrades) you must review the options.

ENDED

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.