This recipe demonstrates how to create a snapshot of a subject system using ftimes and ssh such that output will be directed to the ssh connection instead of the subject host.

This recipe assumes that 1) all local commands are in the search path and will be executed from a Bourne shell; 2) the local and subject operating systems are supported flavors of UNIX; and 3) the local host can establish a connection to the subject host over ssh.

1. If necessary, transfer a statically compiled, stripped copy of ftimes to /tmp on the subject host.

   Note: Make sure you assign real values to LOCAL_FTIMES, SUBJECT, and SSHUSER before executing the following commands.

     export LOCAL_FTIMES=/usr/local/integrity/bin/ftimes
     export SSHUSER=sshuser
     export SUBJECT=subject
     scp -p ${LOCAL_FTIMES} ${SSHUSER}@${SUBJECT}:/tmp

2. Run ftimes on the subject host while redirecting stdout/stderr to separate files on the local system. Give these files a name that includes a unique host identifier and the current time. The following ssh command will cause ftimes to scan the entire subject system and collect all attributes except for magic.

     export INCLUDE_LIST=''
     export RUNTIME=`date +%Y-%m-%d_%H:%M:%S`
     ssh ${SSHUSER}@${SUBJECT} /tmp/ftimes --mapauto all-magic ${INCLUDE_LIST} > ${SUBJECT}_${RUNTIME}.map 2> ${SUBJECT}_${RUNTIME}.log

   Note: If you only wish to map a specific set of directories and files, modify INCLUDE_LIST as appropriate. For example, to scan /bin and /sbin, set INCLUDE_LIST as follows:

     export INCLUDE_LIST='/bin /sbin'

3. The following command will extract this recipe to a script file suitable for execution.

   Note: Make sure you assign real values to LOCAL_FTIMES, SUBJECT, and SSHUSER. If you only wish to map a specific set of directories and files (e.g., /bin and /sbin), modify INCLUDE_LIST as appropriate.

     sed -e '1,/^--- script ---$/d; /^--- script ---$/,$d' ftimes-map-automap-over-ssh.txt > ftimes-map-automap-over-ssh.sh

--- script ---
#!/bin/sh

INCLUDE_LIST='' # '/bin /sbin'
LOCAL_FTIMES=/usr/local/integrity/bin/ftimes
SSHUSER=sshuser
SUBJECT=subject

scp -p ${LOCAL_FTIMES} ${SSHUSER}@${SUBJECT}:/tmp

RUNTIME=`date +%Y-%m-%d_%H:%M:%S`

ssh ${SSHUSER}@${SUBJECT} /tmp/ftimes --mapauto all-magic ${INCLUDE_LIST} > ${SUBJECT}_${RUNTIME}.map 2> ${SUBJECT}_${RUNTIME}.log
--- script ---
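
The following is an added example, not part of the original recipe or of the ftimes distribution: a local check to run after step 2 that rejects an empty map (the local redirect creates the .map file even when ssh or ftimes fails) and records SHA-256 digests of the .map/.log pair so later changes to the snapshot are detectable. The function names and the .sha256 manifest file are assumptions of this example.

```sh
#!/bin/sh
# Added example: seal and later verify the snapshot files written by step 2.
# Function names and the .sha256 manifest are hypothetical, not from ftimes.

# Print the SHA-256 of a file using sha256sum (GNU) or shasum (BSD/macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# seal_snapshot PREFIX, where PREFIX is ${SUBJECT}_${RUNTIME} from the recipe.
# Returns 1 if the map is missing or empty, 2 if the log is missing,
# 3 if the manifest cannot be written (for example, it is already sealed).
seal_snapshot() {
  prefix=$1
  [ -s "${prefix}.map" ] || { echo "empty or missing map: ${prefix}.map" >&2; return 1; }
  [ -f "${prefix}.log" ] || { echo "missing log: ${prefix}.log" >&2; return 2; }
  for f in "${prefix}.map" "${prefix}.log"; do
    printf '%s  %s\n' "$(sha256_of "$f")" "$f"
  done > "${prefix}.sha256" || return 3
  # Drop write permission so accidental edits fail loudly.
  chmod a-w "${prefix}.map" "${prefix}.log" "${prefix}.sha256"
}

# verify_snapshot PREFIX: recompute digests and compare with the manifest.
# Returns 0 if every listed file matches, 1 otherwise.
verify_snapshot() {
  prefix=$1
  [ -s "${prefix}.sha256" ] || return 1
  while read -r want file; do
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 1; }
    [ "$(sha256_of "$file")" = "$want" ] || { echo "digest mismatch: $file" >&2; return 1; }
  done < "${prefix}.sha256"
}

# Usage after step 2:  seal_snapshot "${SUBJECT}_${RUNTIME}"
```

Review the .log file before sealing; a non-empty map alone does not show that ftimes completed without errors.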