Re: rootd and ssh tunnel

From: J. LJUNGVALL <jljungva_at_dapnia.cea.fr>
Date: Wed, 15 Mar 2006 16:39:19 +0100 (CET)

Dear Gerri,

I use root 5.10/00 that has been built using GCC 3.4.5 from source. Running linux 2.6.9-22.0.2.EL.cernsmp.

Thank you for the prompt reply.

cheers

Joa

On Wed, 15 Mar 2006, Gerri Ganis wrote:

>
> Dear Joa,
>
> Yes, you can authenticate via SSH keys to rootd but, unfortunately,
> there is
> a sort of typo that currently prevents that to work with a SSH tunnel.
> I'll fix this in CVS asap.
> Please specify which exact ROOT version (and binaries, if the case) you
> are
> using so I can provide the correct fix for your setup.
>
> Note, however, that if the files you are opening are all served by the
> same
> rootd, you will only be prompted for the password the first time,
> without the
> need to store the unencrypted password in any file.
>
> Cheers, Gerri
>
>
>
> J. LJUNGVALL wrote:
>
> >Hi,
> >
> >I want to be able to read root files remotely from a firewalled
> computer.
> >So on the local side I do
> >
> >bash> ssh -L 8000:localhost:8000 myremote_at_remote.host
> >
> >and then at the remote host
> >
> >bash> rootd -p 8000
> >
> >In /home/myremote/ on the remote side I have a .rootdpass file.
> >Then at the local side
> >
> >root> TFile *file =
> >TFile::Open("root://myremote@localhost:8000/rootfile.root);
> >
> >root the prompts me for the password and all is fine, except I would
> like
> >to open hundreds of files in an application and can't give the password
>
> >for every file... I have seen a solution on the root forum but it
> suggests
> >that I should store unencrypted passwords on the "wrong" computer so to
> say.
> >There must be a better solution, or? I have the impression from reading
>
> >the man pages that rootd should be able to use the ssh keys but can't
> quite
> >figure out how to get that to work. Can someone help me?
> >
> >
> >cheers
> >
> >
> >Joa
> >
> >
> >
> >
>
>
> --
> +-----------------------------------------------------------------------
> ---+
> Gerardo GANIS PH Department, CERN
> address CERN, CH 1211 Geneve 23
> room: 32-RC-017, tel / fax: +412276 76439 / 69133
> e-mail gerardo.ganis_at_cern.ch
> +-----------------------------------------------------------------------
> ---+
>
>
Received on Wed Mar 15 2006 - 16:39:32 MET

This archive was generated by hypermail 2.2.0 : Mon Jan 01 2007 - 16:31:57 MET