Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Expect script ssh passwordless login
Top Forums Shell Programming and Scripting Expect script ssh passwordless login Post 302889574 by Corona688 on Friday 21st of February 2014 02:58:28 PM
Old 02-21-2014
Keys exist for a reason. Kludging stored passwords into a system designed to prevent you from kludging in stored passwords is a very bad idea. It's almost impossible to keep stored passwords secure.

Sometimes people have used expect temporarily to copy lots of keys to different servers.
 

9 More Discussions You Might Find Interesting

1. Red Hat

authorized_keys and passwordless login

I am trying to set up ssh/scp to be able to login in w/o using a password. The man pages for ssh and ssh-keygen explain how to do this. So, using "rsa1" style, I created the public and private keys by way of ssh-keygen, then added the contents of "$HOME/.ssh/identity.pub" to a newly created... (6 Replies)
Discussion started by: mcrouch_2003
6 Replies

2. Shell Programming and Scripting

Expect script to ssh into MMI

Guys, I know this is tricky.. I'm trying to write a script to pull info from a MMI device. Following script logins into the server and then changes to super user. Opens MMI session and then exits out. I need to run the command under the MMI session "dsp_alarm_span all" Is there any other way to... (2 Replies)
Discussion started by: miltonrods
2 Replies

3. Shell Programming and Scripting

SSH Expect Script

Ok, i don't know if anyone else here have had to deal with something like this before, but here's my situation. I have about 1000+ servers I need to log into to do something. What i need to do is to log into each server, go to a certain directory on each of the servers, copy the files that... (3 Replies)
Discussion started by: SkySmart
3 Replies

4. Solaris

Passwordless Login between users

Hi Gurus, Wanted to know if there is a way to enable passwordless login between specific users in a Solaris (5.9)server. I copied the public key of first user into the $HOME/.ssh/authorized_keys file of the second user. But it didn't work out. Note - Am talking about users in the same... (9 Replies)
Discussion started by: Hari_Ganesh
9 Replies

5. Solaris

passwordless login issue with ssh keys

Hi GUYS, Me have 2 servers, eg:: A & B id_dsa.pub key of B had been put in authorized_keys of A & Vice versa Passwordless login going from A to B. But while connecting from B to A ,its asking password Any one please help me out.. (6 Replies)
Discussion started by: racechap
6 Replies

6. HP-UX

Unable To Perform A "Passwordless" SSH Login To A Server

Greetings! I am trying to perform a passwordless SSH login from a HPUX 11.31 client to a HPUX 11.31 server. Whenever I do a "ssh -l root serverA" from the client, I am prompted for a password. Giving the password, I am able to successfully login. However I am trying to accomplish a... (9 Replies)
Discussion started by: Rob Sandifer
9 Replies

7. Solaris

[solved] Ssh passwordless login not working

This is Solaris 10 and sorce+destination are non root user. Somehow it is broke and I am not able to fix it. Already checked permissions on both servers and authorized_keys entry of destination is same as id_rsa.pub of source server. I can not regenerate keys on source server because I do not know,... (0 Replies)
Discussion started by: solaris_1977
0 Replies

8. Shell Programming and Scripting

SFTP or scp with password in a batch script without using SSH keys and expect script

Dear All, I have a requirement where I have to SFTP or SCP a file in a batch script. Unfortunately, the destination server setup is such that it doesn't allow for shell command line login. So, I am not able to set up SSH keys. My source server is having issues with Expect. So, unable to use... (5 Replies)
Discussion started by: ss112233
5 Replies

9. Ubuntu

Expect /bash, 2 ssh login users

HI all i need to connect to about 900 cisco routers and switch to do some configs changes. the issue i am having is that half the devices have one set of username and password and the other half have another username and password. From expect or bash script i can ssh into a device and make... (1 Reply)
Discussion started by: quintin
1 Replies

LEARN ABOUT SUNOS

ssh-keyscan

ssh-keyscan(1)							   User Commands						    ssh-keyscan(1)

NAME

       ssh-keyscan - gather public ssh host keys of a number of hosts

SYNOPSIS

       ssh-keyscan [-v46] [-p port] [-T timeout] [-t type] [-f file] [-] [host... | addrlist namelist]	[...]

DESCRIPTION

       ssh-keyscan  is	a  utility  for  gathering the public ssh host keys of a number of hosts. It was designed to aid in building and verifying
       ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable for use by shell and perl scripts.  The output of  ssh-keyscan	is
       directed to standard output.

       ssh-keyscan  uses non-blocking socket I/O to contact as many hosts as possible in parallel, so it is very efficient. The keys from a domain
       of 1,000 hosts can be collected in tens of seconds, even when some of those hosts are down or do not run ssh. For scanning,  one  does  not
       need login access to the machines that are being scanned, nor does the scanning process involve any encryption.

   File Format
       Input format:

       1.2.3.4,1.2.4.4
       name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4

       Output format for rsa1 keys:

       host-or-namelist bits exponent modulus

       Output format for rsa and dsa keys, where keytype is either ssh-rsa or `ssh-dsa:

       host-or-namelist keytype base64-encoded-key

OPTIONS

       The following options are supported:

       -f filename	       Read  hosts  or	addrlist namelist pairs from this file, one per line. If you specity - instead of a filename, ssh-
			       keyscan reads hosts or addrlist namelist pairs from the standard input.

       -p port		       Port to connect to on the remote host.

       -T timeout	       Set the timeout for connection attempts. If timeout seconds have elapsed since a connection was initiated to a host
			       or  since the last time anything was read from that host, the connection is closed and the host in question is con-
			       sidered unavailable. The default is for timeout is 5 seconds.

       -t type		       Specify the type of the key to fetch from the scanned hosts. The possible values for type  are  rsa1  for  protocol
			       version	1  and	rsa  or  dsa  for  protocol version 2. Specify multiple values by separating them with commas. The
			       default is rsa1.

       -v		       Specify verbose mode. Print debugging messages about progress.

       -4		       Force to use IPv4 addresses only.

       -6		       Forces to use IPv6 addresses only.

SECURITY

       If a ssh_known_hosts file is constructed using ssh-keyscan without verifying the keys, users are vulnerable to  man-in-the-middle  attacks.
       If  the	security  model  allows such a risk, ssh-keyscan can help in the detection of tampered keyfiles or man-in-the-middle attacks which
       have begun after the ssh_known_hosts file was created.

EXAMPLES

       Example 1: Printing the rsa1 Host Key

       The following example prints the rsa1 host key for machine hostname:

       $ ssh-keyscan hostname

       Example 2: Finding All Hosts

       The following commands finds all hosts from the	file  ssh_hosts  which	have  new  or  different  keys	from  those  in  the  sorted  file
       ssh_known_hosts:

       $ ssh-keyscan -t rsa,dsa -f ssh_hosts | 
	    sort -u - ssh_known_hosts | diff ssh_known_hosts -

FILES

       /etc/ssh_known_hosts

EXIT STATUS

       The following exit values are returned:

       0	No usage errors. ssh-keyscan might or might not have succeeded or failed to scan one, more or all of the given hosts.

       1	Usage error.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsshu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ssh(1), sshd(1M), attributes(5)

AUTHORS

       David Mazieres wrote the initial version, and Wayne Davison added suppport for protocol version 2.

BUGS

       ssh--keyscan generates

       Connection closed by remote host
       messages  on  the consoles of all machines it scans if the server is older than version 2.9. This is because ssh-keyscan opens a connection
       to the ssh port, reads the public key, and drops the connection as soon as it gets the key.

SunOS 5.10							    24 Jul 2004 						    ssh-keyscan(1)
All times are GMT -4. The time now is 09:50 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy