Bash script to avoid typing SSH key passphrase not working
Hello Experts,
I have a 2 line bash script to start SSH agent so that I don't have to type the passphrase again and again. But it is not working as I expect. It's asking for the passphrase even after I run the script.
Can anyone please tell me what is wrong with this script?
Code:
user@computer:~$ ./bash.sh
Agent pid 18
Enter passphrase for /home/user/.ssh/id_rsa:
Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)
user@computer:~$ ssh 192.168.0.18
Enter passphrase for key '/home/user/.ssh/id_rsa': ----> ASKING PASSPHRASE AGAIN!!
user@computer:~$
user@computer:~$ cat bash.sh
#!/bin/bash
eval `ssh-agent -s`
ssh-add
user@computer:~$
it doesn't surprise me.
i think the software expect was written for cases like these.
or maybe ssh has an option to read password from stdin?
also you can blank the key's passphrase.
so now you have 3 separate solutions, i hope one of them is to your liking.
You have the right idea but notice that you are creating a new agent process each time you run the script. You'll want to modify the script to find an existing agent and use that if it is available but only launch a new agent if one is needed.
Also, Ubuntu 15.10 reached end of life many years ago, you should switch to a different version PDQ. https://wiki.ubuntu.com/Releases
Last edited by Turbocapitalist; 06-05-2018 at 02:43 AM.
what i did is to have phrases auto generated and distributed to all participating PC
caveat: all the pc have to be running, and first login you have to answer "Yes" and type password
==================
do i see a LAN IP? hey if it's just between two 'nix boxes on a LAN use rsh(1), finished quick - you'll love the speed improvement, no encryption who cares
Quote:
what i did is to have phrases auto generated and distributed to all participating PC
caveat: all the pc have to be running, and first login you have to answer "Yes" and type password
...which is exactly what the OP is trying to AVOID...typing in things over and over.
Quote:
do i see a LAN IP? hey if it's just between two 'nix boxes on a LAN use rsh(1), finished quick - you'll love the speed improvement, no encryption who cares
Sorry, but are you serious??? RSH and other such protocols aren't used for good reasons; security is ALWAYS something to care about. SSH (keyless) is far faster, easier, and more secure. There is zero reason to use rsh, and there hasn't been for going on 20 years now.
If the key is generated with a passphrase, won't the passphrase always be required when the key is used?
Only when it is loaded into the agent. After that, the agent takes care of the key and responds to authentication requests. If a key is made without a passphrase then it really ought to be locked down by prepending command="..." in the authorized_keys file where ... is a specific command with specific options.
What appears to be happening is that krishnar's script keeps launching new agents and loading the key into each one rather than doing that just once.
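One way to find an existing agent and launch a new one only when needed, as an added example that is not code from any poster in this thread. It has to be sourced (for instance from ~/.bashrc) rather than executed, because a script run as ./bash.sh sets SSH_AUTH_SOCK only in a child process that exits immediately. The names AGENT_ENV, SSH_AGENT_BIN, SSH_ADD_BIN and ensure_agent are assumptions of this sketch.

```bash
# Source this file from ~/.bashrc and call ensure_agent; do not execute it.
# AGENT_ENV, SSH_AGENT_BIN, SSH_ADD_BIN and ensure_agent are assumed names.
AGENT_ENV="${AGENT_ENV:-$HOME/.ssh/agent.env}"   # records the agent's socket and PID
SSH_AGENT_BIN="${SSH_AGENT_BIN:-ssh-agent}"
SSH_ADD_BIN="${SSH_ADD_BIN:-ssh-add}"

ensure_agent() {
    local rc=0
    # ssh-add -l exits 0 = keys loaded, 1 = agent reachable but empty,
    # 2 = no agent reachable through SSH_AUTH_SOCK.
    "$SSH_ADD_BIN" -l >/dev/null 2>&1 || rc=$?

    if [ "$rc" -eq 2 ] && [ -r "$AGENT_ENV" ]; then
        # This shell knows no agent: try the one an earlier shell recorded.
        . "$AGENT_ENV" >/dev/null
        rc=0
        "$SSH_ADD_BIN" -l >/dev/null 2>&1 || rc=$?
    fi

    if [ "$rc" -eq 2 ]; then
        # Nothing live (or the recorded agent died): start exactly one agent.
        # umask 077 keeps a newly created file private; the file is sourced
        # later, so it must never be writable by another user.
        ( umask 077; "$SSH_AGENT_BIN" -s > "$AGENT_ENV" ) || return 1
        . "$AGENT_ENV" >/dev/null
        rc=1
    fi

    if [ "$rc" -eq 1 ]; then
        # The only place the passphrase prompt appears.
        "$SSH_ADD_BIN" || return 1
    fi
    return 0
}
```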