Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am using sshpass and ssh to login to remote server.
Once I log into to the remote server I would like to switch to webapp user for which I would like to pass the password from the same command line where I initiated the sshpass on my terminal.
The above command cnnects to abc.com host and asks for password and when I type the password is visible what I type, and fails to switch to webapp user.
You could maybe do that with the TCL-derivative, Expect. However, first, it would be a very good idea to set up SSH-key or SSH-certificate based authentication and turn off password authentication. Then you can do the rest with Expect.
I do not think you can do that, as the passfile you are using for sshpass is for the user who connects to the remote machine, and not the webapp user.
Can't you just ssh with webapp user directly?
No, due to security reasons, we are supposed to log in as ourselves and then switch to the webapp user. That is the policy. I am trying for a one line code using sshpass ssh and or any other commands that connects me to the server and then switch me to webapp.
You could maybe do that with the TCL-derivative, Expect. However, first, it would be a very good idea to set up SSH-key or SSH-certificate based authentication and turn off password authentication. Then you can do the rest with Expect.
Based on my example can you help me out with the code how to use the expect.
You could maybe do that with the TCL-derivative, Expect. However, first, it would be a very good idea to set up SSH-key or SSH-certificate based authentication and turn off password authentication. Then you can do the rest with Expect.
I have setup a password less authentication. and I can log into the remote server just by typing ssh myself@abc.com.
The difficulty is to switch to webapp where I have to pass the password. Any help is appreciated.
No, due to security reasons, we are supposed to log in as ourselves and then switch to the webapp user. That is the policy. I am trying for a one line code using sshpass ssh and or any other commands that connects me to the server and then switch me to webapp.
There is no 'one line' to do this. If this is for security purposes, why on earth are you trying to script a login?? Anyone who gets on your machine can use the stored credentials and log into your web server. What is the command you're trying to run, or what are you trying to accomplish on the webapp server with this command?
Quote:
Originally Posted by rparavastu
Based on my example can you help me out with the code how to use the expect.
No, sorry...we aren't going to write your scripts/code for you. We are happy to HELP you, so if you post your work and show your efforts and tell us where you're stuck, we can assist. Otherwise, you can find THOUSANDS of tutorials for expect and scripting with a brief Internet search.
I have setup a password less authentication. and I can log into the remote server just by typing ssh myself@abc.com. The difficulty is to switch to webapp where I have to pass the password. Any help is appreciated.
Right; again, you can use expect to do this in a simple script. But you still haven't said what it is you want to accomplish by doing this. Because if you have to run command(s) as that webapp user, you have to type THOSE in as well, so what's the big deal about typing in a password?
ssh does not allocate a pseudo-tty by default and not having an interactive tty prevents you from entering the password correctly. The -t option forces a tty
Right; again, you can use expect to do this in a simple script. But you still haven't said what it is you want to accomplish by doing this. Because if you have to run command(s) as that webapp user, you have to type THOSE in as well, so what's the big deal about typing in a password?
Point well taken. I agree with you, if I were running one or two commands, I would not worry about it. I have multiple scripts that I need to deploy every other day, some are repetitive tasks, I would rather have a single line login script and create an alias for it, and deploy the scripts remotely when connected as webapp on the server. As of now I am connecting manually, and deploying my scripts. I am trying to minimize work, if that makes sense. Thank You very much for suggesting the usage of expect. I am in the process of exploring the usage of expect, however, due to other production issues coming up, I am giving less priority for now, in the mean time if I can get some directions (definitely not code) I will work on it time permitting. Hope I am clear now, as to what I am trying to accomplish.
If this is truly routine and repetitive have you considered using a cron job for the webapp user? Also if possible you should probably be using key authentication over the nastiness that is sshpass.
Thank You everyone for the suggestions and help. We have chosen to go with another plan, to use CA Automation tool AUTOMIC (UC4) which gives us better control of deploying the scripts based on the completion of a particular process, using workflows.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.