You're probably far better off to use ssh-keygen and public key authentication...
The quickie method:
ssh-keygen -f qlogin -t rsa
When it asks for a password, just hit enter twice. This creates a passwordless private key file.
There will be two files: qlogin and qlogin.pub
qlogin.pub is the public key. copy it to the destination box, and add it to the appropriate user's .ssh/authorized_keys2 file. It doesn't need MUCH protection, unless you have enemies in the NSA. Nontheless, it is prudent to make it readable only by the owner.
At this point, you can simply go:
ssh -i qlogin user@remotebox
In this case the contents of the qlogin file is (effectively) your pasword, and should only be readable by yourself (mode 400)
On the destination end, you can also modify the key to limit what you can do with it -- most notably, you can limit it so that you can only run a specific command:
if the original key looks like:
ssh-rsa AAAAB3NzaC1yc......HzoU= samuel@xxxxxxxxxx
(I deleted most of the key and replaced with .....)then prepend the following: command="/home/me/bin/dothis" ssh-rsa AAAAB3NzaC1yc......HzoU= samuel@xxxxxxxxxx
At that point, anybody who gets hold of the key will ONLY beable to run the /home/me/bin/dothis program (no matter what they put on the ssh comand line). You might also want to turn things like port forwarding off.
DerPuh wrote:
Hi everybody!
I have to find a possibility to send a password directly to the ssh password-prompt with a shell-script...
i tried to send it by pipe but it is blocked by the client...
does anyone have an idea if it is possible and if it is, how it works?
thx, DerPuh
-- Stephen Samuel +1(604)876-0426 samuel@xxxxxxxxxxx http://www.bcgreen.com/~samuel/ Powerful committed communication. Transformation touching the jewel within each person and bringing it to light. - : send the line "unsubscribe linux-admin" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
