Hi all, I'm trying to scp some files from machine1 to machine2. But, I'm in an environment where PubKeyAuthentication is not allowed in ssh :( So, I'm confused how to automate it as cronjob. However, I read somewhere that we can write a little bash script that will utilize 'expect' to answer for the ssh password prompt? Can we do this? Any examples are great help. Thank you.
Fajar Priyanto wrote:
Hi all, I'm trying to scp some files from machine1 to machine2. But, I'm in an environment where PubKeyAuthentication is not allowed in ssh :(
you really should convince whomever has made that boneheaded decision that its a lot MORE secure than requiring you to put the password in plaintext scripts
So, I'm confused how to automate it as cronjob. However, I read somewhere that we can write a little bash script that will utilize 'expect' to answer for the ssh password prompt
dunno, never tried. seems to have a nice long man page with lots of examples.
Hi,
On Tue, Nov 11, 2008 at 04:42, Fajar Priyanto fajarpri@arinet.org wrote:
But, I'm in an environment where PubKeyAuthentication is not allowed in ssh :( So, I'm confused how to automate it as cronjob.
Before you start, consider enabling public keys or requesting that to your sysadmin, since using them is much more secure than storing your passwords in text scripts.
However, I read somewhere that we can write a little bash script that will utilize 'expect' to answer for the ssh password prompt? Can we do this?
Yes.
Any examples are great help.
Google is your friend. http://bash.cyberciti.biz/security/expect-ssh-login-script/
(DISCLAIMER: I haven't tested the script above. Google it yourself if you want to see others.)
HTH, Filipe
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Filipe Brandenburger wrote:
Hi,
On Tue, Nov 11, 2008 at 04:42, Fajar Priyanto fajarpri@arinet.org wrote:
But, I'm in an environment where PubKeyAuthentication is not allowed in ssh :( So, I'm confused how to automate it as cronjob.
Before you start, consider enabling public keys or requesting that to your sysadmin, since using them is much more secure than storing your passwords in text scripts.
However, I read somewhere that we can write a little bash script that will utilize 'expect' to answer for the ssh password prompt? Can we do this?
Yes.
Any examples are great help.
Google is your friend. http://bash.cyberciti.biz/security/expect-ssh-login-script/
Thanks guys, Yes, I agree keybased ssh is much more secure right. Let see what I can do.
- -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 13:10:54 up 5:02, 2.6.24-18-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org The real challenge of teaching is getting your students motivated to learn.
Hi all, I'm trying to scp some files from machine1 to machine2. But, I'm in an environment where PubKeyAuthentication is not allowed in ssh :( So, I'm confused how to automate it as cronjob. However, I read somewhere that we can write a little bash script that will utilize 'expect' to answer for the ssh password prompt? Can we do this? Any examples are great help. Thank you.
Use autoexpect. It will write the expect script for you. I can't think of any reason why this wouldn't work.
Barry
On Tue, Nov 11, 2008 at 5:03 AM, Barry Brimer lists@brimer.org wrote:
Use autoexpect. It will write the expect script for you. I can't think of any reason why this wouldn't work.
It probably will, but there are severe security issues with this sort (plain text passwords) of approach. I try to avoid those like the plague they can turn out to be, usually when you least expect or need it.
mhr
Quoting MHR mhullrich@gmail.com:
On Tue, Nov 11, 2008 at 5:03 AM, Barry Brimer lists@brimer.org wrote:
Use autoexpect. It will write the expect script for you. I can't think of any reason why this wouldn't work.
It probably will, but there are severe security issues with this sort (plain text passwords) of approach. I try to avoid those like the plague they can turn out to be, usually when you least expect or need it.
There are no doubt severe security issues with this method, but the OP stated that key-authenticated sessions were not permissible. He would be better off encouraging the powers that be to allow key-authenticated session.
On Tue, Nov 11, 2008 at 9:25 AM, Barry Brimer lists@brimer.org wrote:
There are no doubt severe security issues with this method, but the OP stated that key-authenticated sessions were not permissible. He would be better off encouraging the powers that be to allow key-authenticated session.
Absolutely!
Actually, the devious mind latches onto this discussion and prompts the OP to provide a demonstration....
Non-destructive, of course....
;^)
mhr
Fajar Priyanto wrote:
Hi all, I'm trying to scp some files from machine1 to machine2. But, I'm in an environment where PubKeyAuthentication is not allowed in ssh :( So, I'm confused how to automate it as cronjob. However, I read somewhere that we can write a little bash script that will utilize 'expect' to answer for the ssh password prompt? Can we do this? Any examples are great help. Thank you.
I would concur with everyone else who says you really should be using public keys for this sort of thing. But, another option, if you're really forced to use it, is to set the SSH_ASKPASS environment variable to a program that spits out the password, and then ssh will use that for the password instead of prompting the user for it. (See 'ssh' man page)...
Definitely not recommended, for all the reasons stated in replies to this thread...
-Greg