LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 02-13-2017, 01:11 PM   #1
tonj
Member
 
Registered: Sep 2008
Posts: 521

Rep: Reputation: 37
bash script: pass the word 'yes' in command


I'm trying to write a bash script to set up a remote ssh connection. The command runs fine but stops and asks me 'yes/no' but I need the script to enter 'yes' automatically. This is my script:
Code:
#!/bin/bash
ssh -R8030:localhost:22 <ip.address> <<EOF
yes
<password>
exit
exit 0
EOF
but the console progress stops and says:
'Are you sure you want to continue connecting (yes/no)?'.

I also tried:
Code:
yes | ssh -R8030:localhost:22 <ip.address>
and
echo yes | ssh -R8030:localhost:22 <ip.address>
but both of these stop as well and asks for yes/no.

how can I get this script to work?

Last edited by tonj; 02-16-2017 at 05:11 AM.
 
Old 02-13-2017, 01:15 PM   #2
TheEzekielProject
Member
 
Registered: Dec 2016
Distribution: arch
Posts: 664

Rep: Reputation: 190Reputation: 190
Have a look at
Code:
man ssh_config
Particularly the section AddKeysToAgent
 
Old 02-13-2017, 01:25 PM   #3
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,617
Blog Entries: 3

Rep: Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871
Indeed. Though the directive AddKeysToAgent may not be available to the client for old versions of OpenSSH. Take a look at key-based authentication and, old or new, the directive IdentityFile. Passwords are not a good idea and should be turned off once you get keys working for all your accounts. On the account in use by the script, you can even have the public key lock the session into a specific script or program.
 
Old 02-13-2017, 01:43 PM   #4
tonj
Member
 
Registered: Sep 2008
Posts: 521

Original Poster
Rep: Reputation: 37
thanks but neither of these replies help in simply passing the 'yes' when the prompt comes up.
 
Old 02-13-2017, 01:53 PM   #5
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,237

Rep: Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656
Code:
ssh-keyscan -H yourhost >> ~/.ssh/known_hosts
ssh yourhost
or

Code:
ssh -o "StrictHostKeyChecking no" yourhost
or

use python fabric or paramiko
http://www.fabfile.org/
http://www.paramiko.org/

or

use an EXPECT script
https://linux.die.net/man/1/expect
 
Old 02-13-2017, 01:54 PM   #6
TheEzekielProject
Member
 
Registered: Dec 2016
Distribution: arch
Posts: 664

Rep: Reputation: 190Reputation: 190
...it absolutely does answer the question. If you read the man page, you would see that you can use the option AddKeysToAgent to do this. e.g.
Code:
ssh -o AddKeysToAgent=yes yourusername@yourhostname
 
Old 02-14-2017, 02:57 AM   #7
tonj
Member
 
Registered: Sep 2008
Posts: 521

Original Poster
Rep: Reputation: 37
thanks TheEzekielProject I tried what you said but the console still stops and asks:
"Are you sure you want to continue connecting (yes/no)?"
based on your answer this is the script I tried:
Quote:
#!/bin/bash
ssh -o AddKeysToAgent=yes <me>@<remote-host> <<EOF
yes
<password>
exit
EOF
exit 0
this is the full console response:
Quote:
command-line: line 0: Bad configuration option: AddKeysToAgent
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is <long-key>
Are you sure you want to continue connecting (yes/no)?

Last edited by tonj; 02-14-2017 at 03:00 AM.
 
Old 02-14-2017, 03:01 AM   #8
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,617
Blog Entries: 3

Rep: Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871
AddKeysToAgent is only available in recent SSH clients. Which version of an SSH client do you currently have?

If you do not have AddKeysToAgent available, you'll have to follow szboardstretcher's advice to add the keys manually using ssh-keyscan so that the key is registered in known_hosts -- for the account the script actually runs as.
 
Old 02-14-2017, 03:12 AM   #9
tonj
Member
 
Registered: Sep 2008
Posts: 521

Original Poster
Rep: Reputation: 37
Turbocapitalist thanks I did sshd -v and saw 'OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013'
following szboardstretcher's advice I tried this:
Quote:
#!/bin/bash
ssh-keyscan -H localhost >> ~/.ssh/<remote-host>
ssh localhost <<EOF
yes
<password>
exit
EOF
exit 0
but the console still stops with:
"Are you sure you want to continue connecting (yes/no)?"
 
Old 02-14-2017, 03:28 AM   #10
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,617
Blog Entries: 3

Rep: Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871
Quote:
Originally Posted by tonj View Post
I tried this:
Which was not what szboardstretcher advised. The key needs to go into the file actually named known_hosts. No other file name will do, accept no substitutions.

Outside of your script, if you are trying to connect to localhost from your own account, try this to get the server's public RSA key:

Code:
ssh-keyscan -t rsa localhost >> ~/.ssh/known_hosts
Similarly if you are trying to connect to wwww.example.com, try this,

Code:
ssh-keyscan -t rsa wwww.example.com >> ~/.ssh/known_hosts
If ~/.ssh/ does not exist, make it:

Code:
mkdir -m 700 ~/.ssh/
Same for known_hosts:

Code:
touch ~/.ssh/known_hosts
chmod 600 ~/.ssh/known_hosts
 
Old 02-14-2017, 03:05 PM   #11
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 17,264
Blog Entries: 10

Rep: Reputation: 5172Reputation: 5172Reputation: 5172Reputation: 5172Reputation: 5172Reputation: 5172Reputation: 5172Reputation: 5172Reputation: 5172Reputation: 5172Reputation: 5172
Quote:
Originally Posted by tonj View Post
I need the script to enter 'yes' automatically.
you know that there's actually a command for that?
Code:
yes|ssh something
 
Old 02-14-2017, 03:12 PM   #12
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,237

Rep: Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656Reputation: 1656
'yes' returns 'y' not 'yes'

'yes yes' returns 'yes'

Last edited by szboardstretcher; 02-14-2017 at 03:15 PM.
 
Old 02-14-2017, 05:15 PM   #13
michaelk
Moderator
 
Registered: Aug 2002
Posts: 21,507

Rep: Reputation: 4114Reputation: 4114Reputation: 4114Reputation: 4114Reputation: 4114Reputation: 4114Reputation: 4114Reputation: 4114Reputation: 4114Reputation: 4114Reputation: 4114
If the script is being run as a regular user then once you type in 'yes' the question is no longer asked since the host key is stored in the users .ssh/known_hosts file. If the script is not a regular user i.e. does not have a login shell then using -o StrictHostKeyChecking=no option on the command line should keep the question from being asked. If neither of the above is true then you need to provide more information. Using a heredoc or pipe does not work but expect should

Last edited by michaelk; 02-14-2017 at 07:20 PM.
 
Old 02-16-2017, 05:05 AM   #14
tonj
Member
 
Registered: Sep 2008
Posts: 521

Original Poster
Rep: Reputation: 37
thanks for all the responses here, I solved it by using expect (thanks to szboardstretcher for bringing this to my attention).
1) yum -y install expect (need the epel repo for this)
2) created a script called test.sh
3) chmod +x test.sh
here is the test.sh script:
Quote:
#!/usr/bin/expect
eval spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no root@<remote-host>
#use correct prompt
set prompt ":|#|\\\$"
expect "POSSIBLE BREAK-IN ATTEMPT!"
interact -o -nobuffer -re $prompt return
send "<password>\r"
interact -o -nobuffer -re $prompt return
send "exit\r"
interact
4) ./test.sh
the above method works is setting up an initial remote connection.

Last edited by tonj; 02-16-2017 at 05:06 AM.
 
Old 02-16-2017, 05:13 AM   #15
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,617
Blog Entries: 3

Rep: Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871Reputation: 2871
Thanks for the update, it's always good to hear solutions even if one might not agree with them.

About that, you might be well served to look into why you still don't have the right host key in known_hosts on your client and fix that while it is inexpensive to fix. Brushing the problem under the rug does no one any favors. While the above might provide access, directly or indirectly, to the machine you desire, it will likely come back to bite you.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] in bash script the export variable can't pass to command line smallnokia Programming 7 06-07-2013 02:49 AM
calling lftp from a bash script; howto pass variables into the command syntax stvy Programming 2 01-09-2013 01:43 PM
[SOLVED] net snmp pass persist script, can not run a bash script!! Linux Chips Linux - General 4 12-23-2012 01:50 PM
bash shell script read file word by word part 2 justina Programming 7 01-25-2011 01:19 PM
[SOLVED] bash shell script read file word by word. justina Programming 15 01-22-2011 10:12 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:04 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration