Best IT Recipes

Use in a bash script to provide a password for an SSH command.

For those who want to answer that I should use SSH keys, please refrain

I am trying to use wait in a bash script to provide an SSH password. Providing a password works, but I don't get into the SSH session as it should, it goes back to bash.

My script:

#!/bin/bash read -s PWD /usr/bin/expect <<EOD spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com' expect "password" send "$PWD\n" EOD echo "you're out"

The output of my script is:

 spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com usr@$myhost.example.com password: you're out

I would like to have an SSH session and only when I exit it to return to my bash script. The reason I use bash before waiting is because I have a menu where I can choose which device to connect to.

thank

+118
linux bash ssh expect
Jan 24 '11 at 10:22
source share
9 answers

Mixing bash and waiting is not the best way to achieve the desired effect. I would try using only Expect:

 #!/usr/bin/expect eval spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com #use correct prompt set prompt ":|#|\\\$" interact -o -nobuffer -re $prompt return send "my_password\r" interact -o -nobuffer -re $prompt return send "my_command1\r" interact -o -nobuffer -re $prompt return send "my_command2\r" interact

An example solution for bash might be:

 #!/bin/bash /usr/bin/expect -c 'expect "\n" { eval spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com; interact }'

This will wait for the input and return (for a moment) of the interactive session.

+74
Jan 24 2018-11-21T00:
source share

The easiest way is to use sshpass . This is available in the Ubuntu / Debian repositories, and you don't need to do integration with bash.

Example:

 sshpass -p<password> ssh <arguments> sshpass -ptest1324 ssh user@192.168.1.200 ls -l /tmp

The above command can be easily integrated with a bash script.

Note. Please read the Security Considerations section of man sshpass for a complete understanding of the security implications.

+51
Jul 08 '13 at 18:45
source share

Add the expected β€œinteract” command just before your EOD:

 #!/bin/bash read -s PWD /usr/bin/expect <<EOD spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com expect "password" send "$PWD\n" interact EOD echo "you're out"

This should allow you to interact with the remote computer before logging out. Then you will return to Bash.

+18
Jan 24 '11 at 19:04
source share

After searching for the answer to the question for several months, I finally found a really better solution: writing a simple script.

 #!/usr/bin/expect set timeout 20 set cmd [lrange $argv 1 end] set password [lindex $argv 0] eval spawn $cmd expect "assword:" send "$password\r"; interact

Put it in /usr/bin/exp , then you can use:

  • exp <password> ssh <anything>
  • exp <password> scp <anysrc> <anydst>

Done!

+13
Feb 03 '15 at 7:12
source share

Simple script example

Remotelogin.exp

  #!/usr/bin/expect set user [lindex $argv 1] set ip [lindex $argv 0] set password [lindex $argv 2] spawn ssh $user@$ip expect "password" send "$password\r" interact

Example:

  ./Remotelogin.exp <ip> <user name> <password>
+7
Sep 23 '16 at 5:23
source share

Use the fd0ssh helper tool (from hxtools, not pmt), it works without waiting for a specific request from the ssh program.

+6
Jan 24 2018-11-11T00:
source share

Also be sure to use

 send -- "$PWD\r"

instead, since passwords starting with a dash (-) will not work otherwise.

The above will not interpret the line starting with a dash as an option to the send command.

+6
Jan 22 '14 at 10:32
source share

Another way that I found it useful to use a small expected script from a bash script is as follows.

 ... bash-script start bash-commands ... expect - <<EOF spawn your-command-here expect "some-pattern" send "some-command" ... ... EOF ... more bash commands ...

This works because ...If the string "-" is supplied as a filename, standard input is read instead...

+4
Dec 30 '15 at 9:13
source share

sshpass works if you try to use it inside the target of the Sublime Text assembly, inside the Makefile. Instead of sshpass you can use passh : https://github.com/clarkwang/passh

With sshpass you would do:

 sshpass -p ssh user@host

With passh you would do:

 passh -p ssh user@host

Note. Remember to use -o StrictHostKeyChecking=no , otherwise the connection will hang when you use it for the first time. For example:

 passh -p ssh -o StrictHostKeyChecking=no user@host

Recommendations:

  1. Password send command does not work using expected script in ssh connection
  2. https://askubuntu.com/questions/87449/how-to-disable-strict-host-key-checking-in-ssh
  3. https://linuxcommando.blogspot.com/2008/10/how-to-disable-ssh-host-key-checking.html
  4. https://serverfault.com/questions/330503/scp-without-known-hosts-check
  5. https://debian-administration.org/article/587/pam_mount_and_sshfs_with_password_authentication
0
Apr 28 '19 at 8:37
source share


More articles:


All Articles