Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH password from file
Top Forums UNIX for Dummies Questions & Answers SSH password from file Post 302895873 by bakunin on Thursday 3rd of April 2014 04:44:16 AM
Old 04-03-2014
The reason why providing passwords to ssh (and similar commands, like passwd) is difficult ist, that - for security reasons - such programs clear <stdin>. A simple redirection program < /some/file or something to that effect will fail therefore.

Using expect or similar tools is possible, but the best solution is to stick with the key provided by the keyfile. Everything else is less secure and more error prone. It will always mean to store the password in a file and at some point of the execution to decrypt it (if it ever was encrypted in first place). If such a process provides enough security for you one has to wonder what you need passwords at all for.

I hope this helps.

bakunin
This User Gave Thanks to bakunin For This Post:
senthil.ak
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

no password ssh

Hello all, I would like to know if anyone had ever set up a network in which they used DHCP and OPENSSH with no password. I can configure my ssh files to allow me to enter any machine without a password as long as I have generated the public and private keysa nd store them in my .ssh/aut... ... (3 Replies)
Discussion started by: larryase
3 Replies

2. AIX

How to use SSH Secure File Transfer tool from windows to AIX without password?

If I use SSh Secure File Transfer tool on Windows, I want to transfer file from windows to AIX without password, how to do it? (6 Replies)
Discussion started by: rainbow_bean
6 Replies

3. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

4. Shell Programming and Scripting

SSH with password

Please help me I want connect to orther server using ssh. But I need to transfer password also without entering when it is prompts. Please help me. (1 Reply)
Discussion started by: saga499
1 Replies

5. AIX

While trying to do ssh without password, rsa key file is created as empty.

Hi i have aix 5.3 operating system, and i am trying to do ssh without passwd, when i tried to create a rsakey, it produces empty file as an output, how can solve that problem? why it is giving empty output file, i tried with different user, situation same,.i have restarted sshd server. .ssh... (2 Replies)
Discussion started by: nibiru78
2 Replies

6. UNIX for Dummies Questions & Answers

SSH with no password

How to setup SSH to not require a password when establishing an SSH connection from server A to server B for particular user? (4 Replies)
Discussion started by: sam101
4 Replies

7. Red Hat

ssh without password

Hi, I am trying to generate ssh without having to type a password. I have done this on numerous occasions using the procedure below and it has worked fine but not on this occasion. user1@sys1:ssh-keygen -t dsa -N "" <press enter for any questions> user1@sys1: ll .ssh/id_dsa.pub... (16 Replies)
Discussion started by: Duffs22
16 Replies

8. Shell Programming and Scripting

Ssh to 100s of hosts with password in a shell script or text file

I have about 500 hosts where I need to ssh by sending the password on the command line or in a text file in a clear text . However I am not able to download "sshpass" or other tools . Any other ways to pass the password in a script ? (3 Replies)
Discussion started by: gubbu
3 Replies

9. Red Hat

SSH password less setup asking for password

Hello Experts, when I am trying to connect my target server through sftp after creating ssh password less setup, it is asking for passowrd to connect. to setup this I followed below process: -->generated keys by executing the command "ssh-keygen -t rsa" -->this created my .ssh directory... (9 Replies)
Discussion started by: Devipriya Ch
9 Replies

10. UNIX for Beginners Questions & Answers

Ssh password

Hi there. I am fully aware of the security implications, but is there a way give a user password with the rsh and/or ssh commands? Such as: ssh user@192.168.0.56 -p password Or pass a config file to the command containing a password? I'm looking after a cluster and trying to use PSSH,... (6 Replies)
Discussion started by: MuntyScrunt
6 Replies

LEARN ABOUT DEBIAN

pwgen

PWGEN(1)						      General Commands Manual							  PWGEN(1)

NAME

       pwgen - generate pronounceable passwords

SYNOPSIS

       pwgen [ OPTION ] [ pw_length ] [ num_pw ]

DESCRIPTION

       The  pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible.  Human-memo-
       rable passwords are never going to be as secure as completely completely random passwords.  In particular,  passwords  generated  by  pwgen
       without	the -s option should not be used in places where the password could be attacked via an off-line brute-force attack.   On the other
       hand, completely randomly generated  passwords have a tendency to be written down, and are subject to being compromised in that fashion.

       The pwgen program is designed to be used both interactively, and in shell scripts.   Hence,  its  default  behavior  differs  depending	on
       whether the standard output is a tty device or a pipe to another program.  Used interactively, pwgen will display a screenful of passwords,
       allowing the user to pick a single password, and then quickly erase the screen.	This prevents someone from being able to  "shoulder  surf"
       the user's chosen password.

       When  standard  output  (stdout)  is  not  a tty, pwgen will only generate one password, as this tends to be much more convenient for shell
       scripts, and in order to be compatible with previous versions of this program.

       In addition, for backwards compatibility reasons, when stdout is not a tty and secure password generation  mode	has  not  been	requested,
       pwgen  will  generate  less secure passwords, as if the -0A options had been passed to it on the command line.  This can be overriden using
       the -nc options.  In the future, the behavior when stdout is a tty may change, so shell scripts using pwgen should explicitly  specify  the
       -nc or -0A options.  The latter is not recommended for security reasons, since such passwords are far too easy to guess.

OPTIONS

       -0, --no-numerals
	      Don't include numbers in the generated passwords.

       -1     Print the generated passwords one per line.

       -A, --no-capitalize
	      Don't bother to include any capital letters in the generated passwords.

       -a, --alt-phonics
	      This option doesn't do anything special; it is present only for backwards compatibility.

       -B, --ambiguous
	      Don't  use  characters that could be confused by the user when printed, such as 'l' and '1', or '0' or 'O'.  This reduces the number
	      of possible passwords significantly, and as such reduces the quality of the passwords.  It may be useful	for  users  who  have  bad
	      vision, but in general use of this option is not recommended.

       -c, --capitalize
	      Include at least one capital letter in the password.  This is the default if the standard output is a tty device.

       -C     Print the generated passwords in columns.  This is the default if the standard output is a tty device.

       -N, --num-passwords=num
	      Generate num passwords.  This defaults to a screenful if passwords are printed by columns, and one password.

       -n, --numerals
	      Include at least one number in the password.  This is the default if the standard output is a tty device.

       -H, --sha1=/path/to/file[#seed]
	      Will  use  the  sha1's  hash  of given file and the optional seed to create password. It will allow you to compute the same password
	      later, if you remember the file, seed, and pwgen's options used.	ie: pwgen -H ~/your_favorite.mp3#your@email.com gives  a  list	of
	      possibles passwords for your pop3 account, and you can ask this list again and again.

	      WARNING:	The  passwords	generated  using  this option are not very random.  If you use this option, make sure the attacker can not
	      obtain a copy of the file.  Also, note that the name of the file may be easily available	from  the  ~/.history  or  ~/.bash_history
	      file.

       -h, --help
	      Print a help message.

       -s, --secure
	      Generate	completely  random,  hard-to-memorize  passwords.   These  should only be used for machine passwords, since otherwise it's
	      almost guaranteed that users will simply write the password on a piece of paper taped to the monitor...

       -v, --no-vowels
	      Generate random passwords that do not contain vowels or numbers that might be mistaken for vowels.  It provides  less  secure  pass-
	      words to allow system administrators to not have to worry with random passwords accidentally contain offensive substrings.

       -y, --symbols
	      Include at least one special character in the password.

AUTHOR

       This  version  of pwgen was written by Theodore Ts'o <tytso@alum.mit.edu>.  It is modelled after a program originally written by Brandon S.
       Allbery, and then later extensively modified by Olaf Titz,  Jim Lynch, and others.  It was rewritten from scratch by Theodore Ts'o  because
       the original program was somewhat of a hack, and thus hard to maintain, and because the licensing status of the program was unclear.

SEE ALSO

       passwd(1)

pwgen version 2.05						   January 2006 							  PWGEN(1)
All times are GMT -4. The time now is 06:29 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy