Hi all,

I have installed sshpass.

I am using sshpass and ssh to login to remote server.
Once I log into to the remote server I would like to switch to webapp user for which I would like to pass the password from the same command line where I initiated the sshpass on my terminal.

example:

sshpass -f passfile ssh myself@abc.com 'su - webapp'

The above command cnnects to abc.com host and asks for password and when I type the password is visible what I type, and fails to switch to webapp user.

Can someone help?

Thanks,
Ram.

I do not think you can do that, as the passfile you are using for sshpass is for the user who connects to the remote machine, and not the webapp user.

Can't you just ssh with webapp user directly?

You could maybe do that with the TCL-derivative, Expect. However, first, it would be a very good idea to set up SSH-key or SSH-certificate based authentication and turn off password authentication. Then you can do the rest with Expect.

No, due to security reasons, we are supposed to log in as ourselves and then switch to the webapp user. That is the policy. I am trying for a one line code using sshpass ssh and or any other commands that connects me to the server and then switch me to webapp.

Thanks,
Ram.

Based on my example can you help me out with the code how to use the expect.

Thanks,
Ram.

I have setup a password less authentication. and I can log into the remote server just by typing ssh myself@abc.com.
The difficulty is to switch to webapp where I have to pass the password. Any help is appreciated.

Thanks,
Ram.

There is no 'one line' to do this. If this is for security purposes, why on earth are you trying to script a login?? Anyone who gets on your machine can use the stored credentials and log into your web server. What is the command you're trying to run, or what are you trying to accomplish on the webapp server with this command?
No, sorry...we aren't going to write your scripts/code for you. We are happy to HELP you, so if you post your work and show your efforts and tell us where you're stuck, we can assist. Otherwise, you can find THOUSANDS of tutorials for expect and scripting with a brief Internet search.

Right; again, you can use expect to do this in a simple script. But you still haven't said what it is you want to accomplish by doing this. Because if you have to run command(s) as that webapp user, you have to type THOSE in as well, so what's the big deal about typing in a password?

Yes, there is a one liner.

ssh -t user@server 'su - webapp'

ssh does not allocate a pseudo-tty by default and not having an interactive tty prevents you from entering the password correctly. The -t option forces a tty

Point well taken. I agree with you, if I were running one or two commands, I would not worry about it. I have multiple scripts that I need to deploy every other day, some are repetitive tasks, I would rather have a single line login script and create an alias for it, and deploy the scripts remotely when connected as webapp on the server. As of now I am connecting manually, and deploying my scripts. I am trying to minimize work, if that makes sense. Thank You very much for suggesting the usage of expect. I am in the process of exploring the usage of expect, however, due to other production issues coming up, I am giving less priority for now, in the mean time if I can get some directions (definitely not code) I will work on it time permitting. Hope I am clear now, as to what I am trying to accomplish.

Thanks,
Ram.

If this is truly routine and repetitive have you considered using a cron job for the webapp user? Also if possible you should probably be using key authentication over the nastiness that is sshpass.

Thank You everyone for the suggestions and help. We have chosen to go with another plan, to use CA Automation tool AUTOMIC (UC4) which gives us better control of deploying the scripts based on the completion of a particular process, using workflows.

Thanks,
Ram.