04-10-2012
The proper way to use ssh automatically is with keys. Google "passwordless ssh" and you'll find dozens of tutorials all over the internet. "interactive password authentication" means "password typed by a human being in realtime authentication" and nothing else is supposed to do.
That's why it's such a hassle to do this, why you have to use a third-party brute-force hacking utility like expect to even try -- the program designers were helpful enough to design this -- and many other login systems -- in this manner to prevent you from easily making this mistake. It's a very, very bad idea to inject passwords on a regular basis. It's almost impossible to keep retrievably-stored passwords safe.
Last edited by Corona688; 04-10-2012 at 12:11 PM..
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
This is my shell script which calls an expect file, i am trying to find out server.log file sizes on various servers. But what should be correct way to do that, is there any way i can run a for loop inside the expect file which can take cat <filename> as input. I know for can be used in expect file... (1 Reply)
Discussion started by: tonan
1 Replies
2. Shell Programming and Scripting
Hi All,
Has anyone used expect script in a shell script or vice versa. I have a script which would ssh and scp to other machines. I need to use expect script so that user does not have to enter the password everytime ssh/scp command is executed.
The script is as below. I need to pass the... (0 Replies)
Discussion started by: nua7
0 Replies
3. Shell Programming and Scripting
I am trying to write a shell script that launches an expect script and then use results of the expect script in the rest of the shell script.
The expect script is connecting to a remote host and looking up certian user info like UID and home directory. This part is working
I then want the... (2 Replies)
Discussion started by: kaltekar
2 Replies
4. Shell Programming and Scripting
Hi I have written one shell script , using that i am able to connect to remote machine but i have to
#!/usr/bin/expect -f
set address
set username
set password
set OOLpath
set dbusername
set dbpasswd
set tnsname
set recdbusername
set recdbpasswd
set rectnsname
spawn ssh... (1 Reply)
Discussion started by: mnmonu
1 Replies
5. Shell Programming and Scripting
I have the code like this :
shell script continues ...
....
expect -c"
spawn telnet $ip
expect "login:"
send \"$usrname\r\"
expect "Password:"
send \"$passwd\r\"
expect "*\>"
send \"$cmdstr\r\"
... (1 Reply)
Discussion started by: robbiezr
1 Replies
6. Programming
Hi All,
I am using a expect script to run a shell script on remote server, the code is as follows. But the problem is that it executes only first command, and hangs it doesn't run the next commands.
spawn ssh $uid@$host
expect "password:"
send "$password\r"
expect "*\r"
send... (2 Replies)
Discussion started by: yashwanthsn
2 Replies
7. Shell Programming and Scripting
Hi there,
I need some help regarding the execution of shell script from expect as the method I am trying is giving me error. I wrote an shell program which takes two arguments to telnet to a device and saves the output in a file. Following is the script.... (0 Replies)
Discussion started by: cyberparanoid
0 Replies
8. Shell Programming and Scripting
Hi All,
I have a expect script which is working for single server, but if i am trying to pass value of the variable inside expect, it is not working. Please see below :-
expect -c 'spawn ssh username@ip_address ; expect assword ; send "Password1\n" ; send "uptime \n" ; send "free -m \n" ;... (0 Replies)
Discussion started by: Renjesh
0 Replies
9. Shell Programming and Scripting
Shell Scipt: temp.sh
su - <$username>
expect pass.exp
Expect script: pass.exp
#!/usr/bin/expect -f
# Login
#######################
expect "Password: " send "<$password>\r"
it comes up with Password: but doesnt take password passed throguh file. (2 Replies)
Discussion started by: bhavesh.sapra
2 Replies
10. Shell Programming and Scripting
Hi I have two scripts one is Expect and other is shell.
I want to merge Expect code in to Shell script so that i can run it using only one script. Can somebody help me out ?
Order to execute: Run Expect_install.sh first and then when installation completes run runTests.sh shell script.
... (1 Reply)
Discussion started by: ashish_neekhra
1 Replies
LEARN ABOUT MINIX
ssh-keysign
ssh-keysign(1M) ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)