Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have been searching for a shell script which does login to remote server without DSA Key authentication. All I was following http://bash.cyberciti.biz/security/e...-login-script/ and just ran the script it threw errors.
To troubleshoot I explored more with the forums and found that perl-expect has to be installed.
I downloaded few packages ( as yum went unconfigured):
[root@server ~]# sh script.sh
script.sh: line 25: spawn: command not found
script.sh: line 26: match_max: command not found
script.sh: line 28: expect: command not found
script.sh: line 30: send: command not found
script.sh: line 32: send: command not found
script.sh: line 33: expect: command not found
[root@server ~]#
Any idea if anything missing still to install / configure.
running an expect script through sh instead of expect is not exactly a good start. It's not a shell script, why have you called it script.sh? not that it matters really. just make it executable and run it directly and in line with the shebang at the start, it'll run it with expect. It also clearly doesn't need perl-Expect at all. Just the real Expect.
as above, you don't want perl-expect, which is an internal perl library replicating expect. You want expect, which is expect. spawn is not a command, it's code in an expect script, which is what you're looking at. Install expect.
#!/usr/bin/expect -f
# Expect script to supply root/admin password for remote ssh server
# and execute command.
# This script needs three argument to(s) connect to remote server:
# password = Password of remote UNIX server, for root user.
# ipaddr = IP Addreess of remote UNIX server, no hostname
# scriptname = Path to remote script which will execute on remote server
# For example:
# ./sshlogin.exp password 192.168.1.11 who
# ------------------------------------------------------------------------
# Copyright (c) 2004 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# ----------------------------------------------------------------------
# set Variables
set password [lrange $argv 0 0]
set ipaddr [lrange $argv 1 1]
set scriptname [lrange $argv 2 2]
set arg1 [lrange $argv 3 3]
set timeout -1
# now connect to remote UNIX box (ipaddr) with given script to execute
spawn ssh root@$ipaddr $scriptname $arg1
match_max 100000
# Look for passwod prompt
expect "*?assword:*"
# Send password aka $password
send -- "$password\r"
# send blank line (\r) to make sure we get back to gui
send -- "\r"
expect eof
Saved it as sshlogin.exp.
I installed expect RPM and it went successful.
When I run :
Code:
[root@server ~]# ./sshlogin.exp c0mp&t@# 192.168.254.129 who
spawn ssh root@192.168.254.129 who
The authenticity of host '192.168.254.129 (192.168.254.129)' can't be established.
RSA key fingerprint is 00:42:bc:52:19:41:b4:fa:d6:1f:6a:db:0f:de:9c:fe.
Are you sure you want to continue connecting (yes/no)? yes
^C[root@server ~]# ls
Why is it asking for password?
I am trying to ssh to my local machine for a trial.
Isnt possible?
With ssh you either login using an auth key or a passwd. Using 'expect' you can put the passwd in the expect script, thus making it unnecessary to manually enter the passwd from then on.
This is a REALLY bad idea from the security pt of view. Never put a passwd in a script if possible.
A 3rd option is ssh-agent; basically you start the ssh-agent session, give it the passwd when reqd and any ssh cmds run from within that session can obtain the passwd on demand.
This is a REALLY bad idea from the security pt of view. Never put a passwd in a script if possible.
True enough; you can make it into a slightly less bad idea by compiling the script, and preventing anyone other than root from reading the script, but you've still only made it a slightly less bad idea.
Why is it asking for the password? It's *NOT* asking for the password is it... where's the password prompt? There isn't one, that's a rmeote host key check, which is totally different. If it's getting stuck there, just manually ssh to localhost first, then run it again and it'll already know the key so won't ask again.
ssh scripts are somtimes unavoidable, but sshing as root should never be, don't ssh as root. that shouldn't even be possible on a properly managed system.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.