Adding Password To .ssh/config


Answer :

Solution 1:

No, There is no method to specify or provide on the command line the password in a non-interactive manner for ssh authentication using a openssh built-in mechanism. At least not one what I know of. You could hardcode your password into expect script but it is not a good solution either.

You definitely would want to use keypairs for passwordless authentication as Michael stated, in the end private key is pretty much a big password in the file.

Solution 2:

To avoid the string of comments: Yes, this is insecure (not even arguably insecure). I would strongly recommend you only do it in a lab situation on an isolated network or a similiar situation that does not involve production servers or potentientially production server without a full reset/format.

I wanted to set this up as I don't think my 2950 switch supports private/public keys and I hope at some point to get that knowledge, but I am not there yet.

Using an alias and sshpass this can be accomplished.

  1. Install sshpass
  2. Alter your .ssh/config file to include the username as listed in the question
  3. Add an alias to your terminal (I used .bashrc and would recommend against gloabl settings)
  4. Use alias to log into the target

My example alias is:

alias ssc='sshpass -pcisco ssh'

Where "cisco" is the password. Note there is no space between the -p and the password.

Usage is (referencing the question):

ssc server1

Note: This answers the question in title only for those using search engines. If you are using servers like the question example, private/public key pairs and not this answer should be used

Solution 3:

Yes, as mentioned above there's no way to save the password simply. I would recommend using ssh key for authorization.

first, generate your key :

ssh-keygen

Then copy the key around on your servers/desktops :

ssh-copy-id -i .ssh/id_rsa.pub user@ip-address:

That's all. You will never be asked for the password again.

I also recommend removing password authorization in general but that's up to you.

Solution 4:

There's no way to do this with ssh, it's as insecure as it can get.

As Danila mentioned you could use expect scripts but I wouldn't bother.

I wonder what are you trying to achieve? Do you want to hop from one server to another? In this case you want to setup and use ssh-agent on your workstation and enable agent forwarding on the target hosts; this way the credential exchange with be routed to your local agent without having to copy your private key around.

Solution 5:

I use this script from ~/.local/bin directory

#!/usr/bin/bash  ORIG_SSH=/usr/bin/ssh HOST=$1  SSHPASS=$(grep -Pzo "Host $HOST"'\s*\n((?!Host).*\n)*#PS\s(\N+)\n' ~/.ssh/config|tail -n 2|head -n 1 | sed 's/#PS //') if [ -n $SSHPASS ]; then     export SSHPASS     sshpass -e $ORIG_SSH $@ else     $ORIG_SSH $@ fi

Which allows me to specify passphrase as #PS <password> in .ssh/config file.

But, as everybody says, it's better to use ssh-keys with ssh-agent when it's possible


Comments

Post a Comment

Popular posts from this blog

Converting A String To Int In Groovy

Answer : Use the toInteger() method to convert a String to an Integer , e.g. int value = "99".toInteger() An alternative, which avoids using a deprecated method (see below) is int value = "66" as Integer If you need to check whether the String can be converted before performing the conversion, use String number = "66" if (number.isInteger()) { int value = number as Integer } Deprecation Update In recent versions of Groovy one of the toInteger() methods has been deprecated. The following is taken from org.codehaus.groovy.runtime.StringGroovyMethods in Groovy 2.4.4 /** * Parse a CharSequence into an Integer * * @param self a CharSequence * @return an Integer * @since 1.8.2 */ public static Integer toInteger(CharSequence self) { return Integer.valueOf(self.toString().trim()); } /** * @deprecated Use the CharSequence version * @see #toInteger(CharSequence) */ @Deprecated public static Integer toInteger(String self) { return toInteg
Read more

"Cannot Create Cache Directory /home//.composer/cache/repo/https---packagist.org/, Or Directory Is Not Writable. Proceeding Without Cache"

Answer : if anyone pass through here, this is shorter solution: sudo chown -R $USER $HOME/.composer it seems to me the group information is missing in your command sudo chown -R <user> /home/<user>/.composer/cache/repo/https---packagist.org Shoud be sudo chown -R <user>:<group> /home/<user>/.composer/cache/repo/https---packagist.org But to avoid other permission issues, I would rather advise: sudo chown -R <user>:<group> /home/<user>/.composer/cache (you'll need access to other folders in there) and sudo chown <user>:<group> /home/<user>/.composer To make sure your user has permissions enough on the global composer folder. Mind the missing recursion so the user don't own keys created by root. If you need to find out the group: groups <user>
Read more

Android How Can I Convert A String To A Editable

Answer : As you probably found out, Editable is an interface so you cannot call new Editable() . However an Editable is nothing more than a String with Spannables, so use SpannableStringBuilder: Editable editable = new SpannableStringBuilder("Pass a string here"); If you only want to change the Spannables, never the text itself, you can use a basic SpannableString. Use Editable.Factory.getInstance().newEditable(str) From the android documentation: Returns a new SpannedStringBuilder from the specified CharSequence. You can override this to provide a different kind of Spanned.
Read more