LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 10-23-2012, 10:12 AM   #1
alex170872
LQ Newbie
 
Registered: Oct 2008
Posts: 18

Rep: Reputation: 0
Question ssh to server without password and without changing the server's setup


Hi,

this question is related to ssh into a server without password. I know, the usual way to accomplish this is to exchange public keys, which gets stored on the server. But I want to be able to log-in to the server without making changes to the server, i.e. to store the key in .ssh/authorized_keys or something.

Is there any other way this can be accomplished?


Thanks,
Alex
 
Old 10-23-2012, 11:07 AM   #2
pingu
Senior Member
 
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,220

Rep: Reputation: 116Reputation: 116
No.
Unless the server accepts passwordless accounts & ssh logins - which I really hope it doesn't!

What you're asking is actually "is there a way I can set up my server so that anybody in the whole world can login".
Why do you want to do this?
 
Old 10-23-2012, 11:18 AM   #3
alex170872
LQ Newbie
 
Registered: Oct 2008
Posts: 18

Original Poster
Rep: Reputation: 0
Hi,

I do not want anybody in the whole world to login to the machine - I was just wondering if there is some other way I could authenticate myself.

Instead of typing the password for each ssh connection, I hoped for a way of providing this authorization information, maybe in some kind of file which contains an encrypted version of the password. A kind of private key, which can be used to automate the authorization process.

Is there no such way to handle ssh without installing/copying a public key to the server?


Thanks
Alex
 
Old 10-23-2012, 11:27 AM   #4
pingu
Senior Member
 
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,220

Rep: Reputation: 116Reputation: 116
Aha, now I understand!
I don't know of any way to pass a password to the ssh prompt, maybe with some serious scripting?
 
Old 10-24-2012, 05:31 AM   #5
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
Somehow you need to authenticate yourself. So something has to be done on the server to grant access to someone. If you don’t want it on a per user basis: hostbased authentication may be an option. But this would also me to setup something on the server.

Maybe you can layout the intended use in more detail: why do you don’t want to install a public key on the server?
 
Old 10-24-2012, 07:40 AM   #6
alex170872
LQ Newbie
 
Registered: Oct 2008
Posts: 18

Original Poster
Rep: Reputation: 0
Hi,

what I want to do is to TEST the server, and to execute scripts as part of the installed software. The best way to do this is to execute those scripts via ssh, because in that way you do not need to modify the system (For Testing, it is really important to test a setup as-is, without modifying it). I have several solutions:

- For each ssh execution, I can type the password. Very inconvenient for hundreds of instructions.
- I could add my public key on the server, but this violates the paradigm to leave the system in its to-test state, strictly spoken.

What I would like to have instead of
ssh <server> <command>
with typing the password something like
ssh -f <file_with_encrypted_password> <server> <command>
to perform the same task, just without typing the password all the time and without the need to change the system.

Hope this clarifies my special needs.


Thanks
Alex
 
Old 10-24-2012, 07:51 AM   #7
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
Quote:
Originally Posted by alex170872 View Post
- I could add my public key on the server, but this violates the paradigm to leave the system in its to-test state, strictly spoken.
True, and I also argue that after the validation of the software on a machine you can neither upgrade the kernel nor exchange any libraries without redoing the validation. But for a public key on a user level I donít see the impact.

Can you install anything on the server? Someone must have created the user account at least which you use for example.
 
Old 10-24-2012, 09:35 AM   #8
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
One additional note: you can also run 802.1x authentication on wire and the server you want to test would then need to contact an external RADIUS server for granting access - which is under your control again. I’m not sure whether it allows also an empty password – just an idea.

But again: something has to be done on the DUT.
 
Old 10-24-2012, 09:42 AM   #9
suicidaleggroll
Senior Member
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 2,413

Rep: Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883
If this is just for testing, you could do it with an expect script. However this means your password is going to be shown in plain text in the script. Depending on the application, this might be acceptable though.
 
Old 10-24-2012, 10:12 AM   #10
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,534
Blog Entries: 51

Rep: Reputation: 2604Reputation: 2604Reputation: 2604Reputation: 2604Reputation: 2604Reputation: 2604Reputation: 2604Reputation: 2604Reputation: 2604Reputation: 2604Reputation: 2604
Quote:
Originally Posted by alex170872 View Post
I could add my public key on the server, but this violates the paradigm to leave the system in its to-test state, strictly spoken.
Yes. And strictly spoken adding a (test) account, running any process, any network connection, any access, any logging on or into the testbed alters the state of the system. Unless modifying authorized_keys affects your tests significantly and in a way that can't be compensated for (you don't say what tests you actually want to run) you may be over-thinking and over-complicating things by not following standard procedure.
 
1 members found this post helpful.
Old 12-05-2012, 09:01 AM   #11
pingu
Senior Member
 
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,220

Rep: Reputation: 116Reputation: 116
The thread is 6 weeks old by now, but since I did find another solution:
I also found sshpass and a few examples with "expect": http://stackoverflow.com/questions/4...to-ssh-command
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] How to make ssh without password from mulitple server to single server by deepak_message Linux - Server 5 08-26-2012 12:03 PM
[SOLVED] scp/ssh to cygwin server from linux server without password prompt... blainemiller Linux - Server 7 05-18-2011 02:04 PM
[SOLVED] Configuring the Linux server to login to Windows server without password using SSH srajeshkumar Linux - Server 2 03-09-2011 09:49 PM
Unable to logon using ssh when changing password server Di@Blo Linux - Networking 0 10-24-2008 04:18 AM
Changing server password AFTER setting ssh-auto keys Swakoo Linux - General 1 02-22-2006 04:38 AM


All times are GMT -5. The time now is 11:26 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration