Connecting and transferring files to remote systems is what system administrators do all the time. SSH is a basic tool used by many system administrators on the Linux platform. SSH supports two forms of authentication:
- 1. Password authentication
- 2. Public key authentication
Public key authentication is considered the most secure form of the two methods, although password authentication is the most popular and easiest. However, when password authentication is used, the user is always required to enter a password. The repetition is tedious. In addition, SSH requires manual intervention when used in shell scripts. If you need to automate authentication using SSH passwords, a simple tool, sshpass, is essential.
What is a sshpass
The sshpass utility is designed to run SSH in keyboard-interactive password authentication mode, but in a non-interactive manner.
SSH uses direct TTY access to ensure that the password is actually issued by the interactive keyboard user. Sshpass runs SSH on a dedicated TTY, making SSH think it got the password from an interactive user.
Install sshpass
You can install sshpass using the following simple commands:
> yum install sshpass -y
Copy the codeUsing sshpass
Specify the command to run after the sshpass option. Typically, the command SSH takes parameters, but it could be any other command. However, SSH password prompts are now hard-coded as sshpass.
sshpass [-f filename | -d num | -p password | -e] [options]
Copy the codeCommand options
-p Password The password is specified on the cli. -f File name The password is the first line of the file name. -d number Number is the file descriptor that sshpass inherits from the running program. Read the password from an open file descriptor. -e The password is from the environment variable "SSHPASS".Copy the codeUsed forsshpassLog in to the remote server over SSH. Assume that the password is4u2tryhack. Here are a few ways to use the sshpass option.
Use -p (this is the least safe option and should not be used) :
> sshpass -p "4u2tryhack" ssh [email protected]
Copy the code-p when used in shell scripts, the option is as follows:
> sshpass -p "4u2tryhack" ssh -o StrictHostKeyChecking=no [email protected]
Copy the codeuse-fOptions (the password should be the first line of the file name) :
> echo'4u2tryhack' > pass_file
> chmod 0400 pass_file
> sshpass -f pass_file ssh [email protected]
Copy the code-fUse the following options in your shell script:
> sshpass -f pass_file ssh -o StrictHostKeyChecking=no [email protected]
Copy the codeuse-eOption (the password should be the first line of the file name)
$ SSHPASS='4u2tryhack' sshpass -e ssh [email protected]
Copy the code-eWhen used in a shell script, the option looks like this:
> SSHPASS ='4u2tryhack' sshpass -e ssh -o StrictHostKeyChecking=no [email protected]
Copy the codeExample 2: Rsync
Sshpass with rsync:
> SSHPASS='4u2tryhack' rsync --rsh="sshpass -e ssh -l username" /rumenz/ rumenz.com:/opt/rumenz/
Copy the codeThe -e option was used above, which passes the password to the environment variable SSHPASS
We can-fUse the switch like this:
> rsync --rsh="sshpass -f pass_file ssh -l username" /rumenz/ rumenz.com:/opt/rumenz/
Copy the codeExample 3: Scp
Using sshPass with SCP:
> scp -r /var/www/html --rsh="sshpass -f pass_file ssh -l user" rumenz.com:/var/www/html
Copy the codeExample 4: GPG
You can also use sshpassGPG for encrypted files. When the -f switch is used, the reference file is in plain text format. Let’s see how to use GPG to encrypt files and use it.
First, create a file like this:
> echo '4u2tryhack'> .sshpasswd
Copy the codeNext, encrypt the file with the following GPG command:
> gpg -c .sshpasswd
Copy the codeDelete files that contain plaintext:
> rm .sshpasswd
Copy the codeFinally, use it as follows:
> gpg -d -q .sshpassword.gpg > pass_file; sshpass -f pass_file ssh [email protected]
Copy the codeOriginal link :rumenz.com/rumenbiji/l… Wechat official account: entry station