Sponsored Content
Operating Systems Solaris How to disable/bypass passphrase prompt in ssh? Post 302753443 by Corona688 on Tuesday 8th of January 2013 04:23:46 PM
Old 01-08-2013
Injecting passwords is not so much a "security risk" as "completely forgetting the point". Perhaps save yourself some trouble and just remove the password instead.

I expect you could do it with expect, but don't really see any reason to do so. It's no more secure than not having a password.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

ssh - at login Passphrase for key required

Hello, I want to use a shell-script to transfer data over sftp. I donīt find a way to login in automatically. I tried to send the password in a script like possible with ftp sftp user@server << cmd password cd /distant/directory lcd /local/directoryget ssh_install get ( or put) your... (2 Replies)
Discussion started by: olso
2 Replies

2. UNIX for Advanced & Expert Users

passphrase and ssh authentication

In which case could be better don't use a passphrase creating an authentication key for ssh comunications? Thanks in advance. (1 Reply)
Discussion started by: Minguccio75
1 Replies

3. Solaris

SSH passphrase and Password

Hello all, Today we run ssh with keys on all our Solaris systems. But I wounder: Is it possible to add another authentication too. Like the os/system regular password so the users first need to enter the ssh phasssphrase and after that they need to enter the os/system password. I need like... (3 Replies)
Discussion started by: jOOc
3 Replies

4. Solaris

rm -r does not disable interactive prompt

For some reason, when I try to delete files using rm -r, it doesn not disable the interactive prompt. Any ideas? I am on a sun solaris 10 box. (9 Replies)
Discussion started by: mrx1350
9 Replies

5. Shell Programming and Scripting

automated ssh with provision for passphrase

Below is a part of my shell script. Currently I have shared the public key of the client with the host, therefore I will not be prompted for the password. The key that has been created on the client is also without a passphrase. If it is created with a passphrase, the code I have will not... (3 Replies)
Discussion started by: farahzaiba
3 Replies

6. Shell Programming and Scripting

How can I bypass the Prompt in SFTP

I am on a sun solaris server and trying to create a script that will test if SFTP is up and running on a remote server (which could be unix or windows). My thought was to simply invoke sftp and if I get the prompt ofr "Password" then that is an indication that the service is running and I am... (2 Replies)
Discussion started by: pierluigi22
2 Replies

7. UNIX for Advanced & Expert Users

ssh: require passphrase from some servers but not others

We have a number of linux clusters running Oracle. The clusters require that all member nodes have promptless/passwordless login through ssh (ie. the keys were created with null passphrases). We also have a management server that is not a member of any cluster but routinely connects to nodes of all... (3 Replies)
Discussion started by: Squeakygoose
3 Replies

8. OS X (Apple)

ssh passphrase issues - Mac OS X

ssh passphrase permissions issues I will try to be as thorough as possible, but keep in mind I am a designer, not a programmer... I do have linux mdadm experience and am reasonably comfortable behind the terminal, but I may need things to be spelled out for me. I am using 2 new-ish Macs with... (1 Reply)
Discussion started by: Ahab the Eskimo
1 Replies

9. Cybersecurity

Disable SSH 1.99 version?

Hello. My security audit reconise SSH 1.99 protocol version allowed. But in my sshd_config config is only: SSH version: How can I disable support for ssh protocol 1.99 version? (1 Reply)
Discussion started by: jabalv
1 Replies

10. Shell Programming and Scripting

Supply passphrase for ssh in script

I would like to write a bash shell script which will connect to remote server using passphrase. (I have public-private infrastructure created, and as per instruction, I must not use password less ssh). This particular script will be fired from cron. Can you please advice how I can supply the... (2 Replies)
Discussion started by: atanubanerji
2 Replies
puttygen(1)							 PuTTY tool suite						       puttygen(1)

NAME
puttygen - public-key generator for the PuTTY tools SYNOPSIS
puttygen ( keyfile | -t keytype [ -b bits ] ) [ -C new-comment ] [ -P ] [ -q ] [ -O output-type | -l | -L | -p ] [ -o output-file ] DESCRIPTION
puttygen is a tool to generate and manipulate SSH public and private key pairs. It is part of the PuTTY suite, although it can also inter- operate with the private key formats used by some other SSH clients. When you run puttygen, it does three things. Firstly, it either loads an existing key file (if you specified keyfile), or generates a new key (if you specified keytype). Then, it optionally makes modifications to the key (changing the comment and/or the passphrase); finally, it outputs the key, or some information about the key, to a file. All three of these phases are controlled by the options described in the following section. OPTIONS
In the first phase, puttygen either loads or generates a key. Note that generating a key requires random data (from /dev/random), which can cause puttygen to pause, possibly for some time if your system does not have much randomness available. The options to control this phase are: keyfile Specify a private key file to be loaded. This private key file can be in the (de facto standard) SSH-1 key format, or in PuTTY's SSH-2 key format, or in either of the SSH-2 private key formats used by OpenSSH and ssh.com's implementation. -t keytype Specify a type of key to generate. The acceptable values here are rsa and dsa (to generate SSH-2 keys), and rsa1 (to generate SSH-1 keys). -b bits Specify the size of the key to generate, in bits. Default is 1024. -q Suppress the progress display when generating a new key. In the second phase, puttygen optionally alters properties of the key it has loaded or generated. The options to control this are: -C new-comment Specify a comment string to describe the key. This comment string will be used by PuTTY to identify the key to you (when asking you to enter the passphrase, for example, so that you know which passphrase to type). -P Indicate that you want to change the key's passphrase. This is automatic when you are generating a new key, but not when you are modifying an existing key. In the third phase, puttygen saves the key or information about it. The options to control this are: -O output-type Specify the type of output you want puttygen to produce. Acceptable options are: private Save the private key in a format usable by PuTTY. This will either be the standard SSH-1 key format, or PuTTY's own SSH-2 key format. public Save the public key only. For SSH-1 keys, the standard public key format will be used (`1024 37 5698745...'). For SSH-2 keys, the public key will be output in the format specified by RFC 4716, which is a multi-line text file beginning with the line `---- BEGIN SSH2 PUBLIC KEY ----'. public-openssh Save the public key only, in a format usable by OpenSSH. For SSH-1 keys, this output format behaves identically to public. For SSH-2 keys, the public key will be output in the OpenSSH format, which is a single line (`ssh-rsa AAAAB3NzaC1yc2...'). fingerprint Print the fingerprint of the public key. All fingerprinting algorithms are believed compatible with OpenSSH. private-openssh Save an SSH-2 private key in OpenSSH's format. This option is not permitted for SSH-1 keys. private-sshcom Save an SSH-2 private key in ssh.com's format. This option is not permitted for SSH-1 keys. If no output type is specified, the default is private. -o output-file Specify the file where puttygen should write its output. If this option is not specified, puttygen will assume you want to overwrite the original file if the input and output file types are the same (changing a comment or passphrase), and will assume you want to output to stdout if you are asking for a public key or fingerprint. Otherwise, the -o option is required. -l Synonym for `-O fingerprint'. -L Synonym for `-O public-openssh'. -p Synonym for `-O public'. The following options do not run PuTTYgen as normal, but print informational messages and then quit: -h, --help Display a message summarizing the available options. -V, --version Display the version of PuTTYgen. --pgpfp Display the fingerprints of the PuTTY PGP Master Keys, to aid in verifying new files released by the PuTTY team. EXAMPLES
To generate an SSH-2 RSA key pair and save it in PuTTY's own format (you will be prompted for the passphrase): puttygen -t rsa -C "my home key" -o mykey.ppk To generate a larger (2048-bit) key: puttygen -t rsa -b 2048 -C "my home key" -o mykey.ppk To change the passphrase on a key (you will be prompted for the old and new passphrases): puttygen -P mykey.ppk To change the comment on a key: puttygen -C "new comment" mykey.ppk To convert a key into OpenSSH's private key format: puttygen mykey.ppk -O private-openssh -o my-openssh-key To convert a key from another format (puttygen will automatically detect the input key type): puttygen my-ssh.com-key -o mykey.ppk To display the fingerprint of a key (some key types require a passphrase to extract even this much information): puttygen -l mykey.ppk To add the OpenSSH-format public half of a key to your authorised keys file: puttygen -L mykey.ppk >> $HOME/.ssh/authorized_keys BUGS
There's currently no way to supply passphrases in batch mode, or even just to specify that you don't want a passphrase at all. PuTTY tool suite 2004-03-24 puttygen(1)
All times are GMT -4. The time now is 01:13 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy