LinuxQuestions.org - ssh password from textfile

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - ssh password from textfile (https://www.linuxquestions.org/questions/linux-security-4/ssh-password-from-textfile-732000/)

ssh password from textfile

Hi,

has the original question been actually answered? Is there a way to use ssh (or mor urgent scp) with having the password in a file? I need to copy quite a lot of file to/from my work space, and for each scp I have to type my password. This is very annoying!
And yes, I have tried to setup the standard password-less ssh with keys, but for some unknown reasons this functionality is disabled. So the ONLY thing I can do is to stupidly type the same password dozen of times a day, except there is a way to do it with a password in a file...

Any help welcome.

Cheers
Alex

// Pruned from a vintage 2008 thread, please don't resurrect stale threads, TIA.

Quote:

Originally Posted by alex170872 (Post 3569417)

My suggestion would be to write a simple expect script...

Code:

#!/usr/bin/expect -f

set user username

set pass password

set host hostnameoripaddr

spawn ssh -l $user $host

expect "assword:" 

send "$pass"

interact

This is off the top of my head and the syntax may need some tweaking, but you get the general idea.

Quote:

Originally Posted by alex170872 (Post 3569417)

I have tried to setup the standard password-less ssh with keys, but for some unknown reasons this functionality is disabled.

Trying to find out wouldn't hurt, wouldn't it?

Quote:

Originally Posted by alex170872 (Post 3569417)

I need to copy quite a lot of file to/from my work space, and for each scp I have to type my password.

A password authenticates you as being a valid user on a local or remote system. Passwords often concern a personal account and certain privileges. Being careless about, giving away or otherwise making the password available to others may not be appreciated by remote admins. Ergo having a password in a script is not a good thing if someone else can read it. I suggest you try using ssh-agent before succumbing to using insecure kludges.

Hi,

first a reply to the most recent email:

Quote:

Being careless about, giving away or otherwise making the password available to others may not be appreciated by remote admins.

Yes I understand. But these remote admins DO NO ALLOW the usage of keys to log in!! They have disabled that feature due to some unknown reasons!

Nevertheless, with the example given in the post before that I googled I found a script which I have modified as follows:

Quote:

#!/usr/bin/expect -f
set source [lindex $argv 0]
set dest [lindex $argv 1]
set timeout -1
spawn scp $source user@host:$dest
set pass "whatever"
expect {
password: {send "$pass\r" ; exp_continue}
eof exit
}

This works so far fine to copy one file around, but when I use placeholders it does not work. Lets call the script 'scp_to_host' then the folling happens:

./scp_to_host "data_*" /home/user
spawn scp data_* user@host:/home/user
user@host's password:
'data_*': No such file or directory
Killed by signal 1.

Any ideas how to modify the script so that wildcards are accepted as well?

Cheers
Alex

Tcl does not do filename expansion using the shell wildcard, but by means of the glob function. Once you've retrieved the list of files, you can use a for loop to copy each of them at a time:

Code:

#!/usr/bin/expect -f

set source [eval exec ls [glob [lindex $argv 0]]]

set dest [lindex $argv 1]

set timeout -1

set pass "whatever"

foreach file $source {

  spawn scp $file user@host:$dest

  expect {

  password: {send "$pass\r" ; exp_continue}

  eof

  }

}

Maybe there is a better method in order to avoid the foreach loop, which iterates the scp command N times, but I'm not good at Tcl scripting! :)

Have you asked the admins about being allowed to use public key login?
Another good suggestion from unSpawn is ssh-agent.