I know that we shuld do ssh user@target but where do we specify the password ?
Thanks for your help ! Lalith
+2
A:
This cannot be done with a simple ssh command, for security reasons. If you want to use the password route with ssh, the following link shows some scripts to get around this, if you are insistent:
Michael Goldshteyn
2010-10-15 01:14:08
+3
A:
The best way to do this is by generating a private/public key pair, and storing your public key on the remote server. This is a secure way to login w/o typing in a password each time. Read more here
RyanHennig
2010-10-15 01:14:18
For those on windows, I recommend the "putty" set of tools. For this scenario, the pageant tool would handle key management. pglombardo gives the overview of using public key auth on *nix. I've set this up many times on linux, and it can be a challenge at times. If you have specific problems setting it up, post them here
RyanHennig
2010-10-15 18:55:55
+2
A:
The ssh command will prompt for your password. It is unsafe to specify passwords on the commandline, as the full command that is executed is typically world-visible (e.g. ps aux) and also gets saved in plain text in your command history file. Any well written program (including ssh) will prompt for the password when necessary, and will disable teletype echoing so that it isn't visible on the terminal.
If you are attempting to execute ssh from cron or from the background, use ssh-agent.
Michael Aaron Safyan
2010-10-15 01:14:28
+1
A:
The way I have done this in the past is just to set up a pair of authentication keys.
That way, you can log in without ever having to specify a password and it works in shell scripts. There is a good tutorial here:
Andy Groff
2010-10-15 01:15:19
A:
If you really want to use password authentication , you can try expect. See here for an example
ghostdog74
2010-10-15 01:22:32
A:
Hmm thanks for all your replies. My requirement is I have to start up some servers on different machines. All servers should be started with one shell script. Well, entering password every time seems little bad but I guess I will have to resort to that option. One reason why I don't want to save the public keys is I may not connect to same machines every time. It is easy to go back and modify the script to change target addresses though.
- Lalith
Lalith
2010-10-15 01:22:50
I'm confused: if your keys are all on the respective machines, that gives you the potential to call them without a password (presuming you don't associate a passphrase with the keys). It doesn't mean you have to connect to every machine with a key on it.
Will
2010-10-15 01:39:43
+1
A:
SSH Keys are the standard/suggested solution. The keys must be setup for the user that the script will run as.
For that script user, see if you have any keys setup in ~/.ssh/ (Key files will end with a .pub extension)
If you don't have any keys setup you can run:
ssh-keygen -t rsa
which will generate ~/.ssh/id_rsa.pub (the -t option has other types as well)
You can then copy the contents of this file to ~(remote-user)/.ssh/authorized_keys on the remote machine.
As the script user, you can test that it works by:
ssh remote-user@remote-machine
You should be logged in without a password prompt.
Along the same lines, now when your script is run from that user, it can auto SSH to the remote machine.
pglombardo
2010-10-15 01:27:04