08-10-2011
Quote:
Originally Posted by
pludi
You can't, and this isn't a bug, it's a feature to prevent anyone on the same machine from getting at your password. Using expect to circumvent this is already a very bad idea in my opinion.
If you don't want to enter a password, use public key authentication.
Thanks for quick response.
I have never used public key authentication. Can you please give me an example on how to use it in SSH script.
Appreciate you help.
Thanks,
Shrawan
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Could someone please help me...I have an expect script. There's a need for a log in during the script and a password is required...right now the password is just a variable in the expect script...what would be the best way to put that in an encrypted flat file and have the expect script pull the... (2 Replies)
Discussion started by: cubs0729
2 Replies
2. Shell Programming and Scripting
I have a requirement, I need to run a command at remote system using a ssh. Is there any way we can pass the username and password in shell script to the ssh command as we did it in one of the shell script for FTP.
ftp -n $i <<!EOF >>
user Username $PASSWD
cd /home/scripts
... (5 Replies)
Discussion started by: Muktesh
5 Replies
3. Shell Programming and Scripting
ssh/sftp login by passing password , is it possible.Don't want to expect. (1 Reply)
Discussion started by: dinjo_jo
1 Replies
4. Shell Programming and Scripting
Used the script posted on forum - unix.com/shell-programming-scripting/21597-script-change-passwords-same-user-multiple-servers.html but the last question posted on this seems to be still unanswered, tried different things with no success, can someone help giving an way to pass the password via... (5 Replies)
Discussion started by: sapadmin
5 Replies
5. Shell Programming and Scripting
I want to do following 2 commands via script:
1) eval `ssh-agent`2) ssh-add /export/home/sufuser/.ssh/id_rsa When asked for passphrase enter "passwordpassword1234
but whenever I run the script it stucks after "ssh-add /export/home/sufuser/.ssh/id_rsa" command and asks fro... (4 Replies)
Discussion started by: yogeshpawar
4 Replies
6. Shell Programming and Scripting
Hi gurus, I am trying to do some expect/TCL magic. My goal is to write some kind of password guessing script (nearly similar to dictionary attack against ssh). I read that this could be possible with expect/TCL, I am newbie in this language, its function and its terms so please be patient ;)
... (3 Replies)
Discussion started by: wakatana
3 Replies
7. Shell Programming and Scripting
Hi
I'm trying to run a script " abc.sh" which triggers "use.sh" .
abc.sh is nothing but a "expect" script which provides username and password automatically to the use.sh script.
Please find below the scripts:
#abc.sh
#!/usr/bin/expect -f
exec /root/use.sh
expect "*name*"
send... (1 Reply)
Discussion started by: baddykam
1 Replies
8. Shell Programming and Scripting
Hi Experts,
I have specific requirement where I want to pass the password with the ssh username@hostname command .
I dont want to use RSA public and private keys also. Because that will be on production server and no one wants to give access like that.
Second thing it is production... (14 Replies)
Discussion started by: sharsour
14 Replies
9. Shell Programming and Scripting
Dear All,
I have a requirement where I have to SFTP or SCP a file in a batch script. Unfortunately, the destination server setup is such that it doesn't allow for shell command line login. So, I am not able to set up SSH keys. My source server is having issues with Expect. So, unable to use... (5 Replies)
Discussion started by: ss112233
5 Replies
10. Shell Programming and Scripting
Newbie here. My goal is to have the expect script log into the Ubuntu 18.04 server and run two commands (lsb_release -a and ip addr) and eventually pipe the output/results to a file. For now, I would be happy to get this one command or two to run successfully. How to fix this?
#!/usr/bin/expect ... (3 Replies)
Discussion started by: jacob600
3 Replies
LEARN ABOUT FREEBSD
pam_ssh
PAM_SSH(8) BSD System Manager's Manual PAM_SSH(8)
NAME
pam_ssh -- authentication and session management with SSH private keys
SYNOPSIS
[service-name] module-type control-flag pam_ssh [options]
DESCRIPTION
The SSH authentication service module for PAM, pam_ssh provides functionality for two PAM categories: authentication and session management.
In terms of the module-type parameter, they are the ``auth'' and ``session'' features.
SSH Authentication Module
The SSH authentication component provides a function to verify the identity of a user (pam_sm_authenticate()), by prompting the user for a
passphrase and verifying that it can decrypt the target user's SSH key using that passphrase.
The following options may be passed to the authentication module:
use_first_pass If the authentication module is not the first in the stack, and a previous module obtained the user's password, that password
is used to authenticate the user. If this fails, the authentication module returns failure without prompting the user for a
password. This option has no effect if the authentication module is the first in the stack, or if no previous modules
obtained the user's password.
try_first_pass This option is similar to the use_first_pass option, except that if the previously obtained password fails, the user is
prompted for another password.
nullok Normally, keys with no passphrase are ignored for authentication purposes. If this option is set, keys with no passphrase
will be taken into consideration, allowing the user to log in with a blank password.
SSH Session Management Module
The SSH session management component provides functions to initiate (pam_sm_open_session()) and terminate (pam_sm_close_session()) sessions.
The pam_sm_open_session() function starts an SSH agent, passing it any private keys it decrypted during the authentication phase, and sets
the environment variables the agent specifies. The pam_sm_close_session() function kills the previously started SSH agent by sending it a
SIGTERM.
The following options may be passed to the session management module:
want_agent Start an agent even if no keys were decrypted during the authentication phase.
FILES
$HOME/.ssh/identity SSH1 RSA key
$HOME/.ssh/id_rsa SSH2 RSA key
$HOME/.ssh/id_dsa SSH2 DSA key
$HOME/.ssh/id_ecdsa SSH2 ECDSA key
SEE ALSO
ssh-agent(1), pam.conf(5), pam(8)
AUTHORS
The pam_ssh module was originally written by Andrew J. Korty <ajk@iu.edu>. The current implementation was developed for the FreeBSD Project
by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
(``CBOSS''), as part of the DARPA CHATS research program. This manual page was written by Mark R V Murray <markm@FreeBSD.org>.
BSD
October 7, 2011 BSD