04-03-2014
The reason why providing passwords to ssh (and similar commands, like passwd) is difficult ist, that - for security reasons - such programs clear <stdin>. A simple redirection program < /some/file or something to that effect will fail therefore.
Using expect or similar tools is possible, but the best solution is to stick with the key provided by the keyfile. Everything else is less secure and more error prone. It will always mean to store the password in a file and at some point of the execution to decrypt it (if it ever was encrypted in first place). If such a process provides enough security for you one has to wonder what you need passwords at all for.
I hope this helps.
bakunin
This User Gave Thanks to bakunin For This Post:
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello all,
I would like to know if anyone had ever set up a network in which they used DHCP and OPENSSH with no password. I can configure my ssh files to allow me to enter any machine without a password as long as I have generated the public and private keysa nd store them in my .ssh/aut... ... (3 Replies)
Discussion started by: larryase
3 Replies
2. AIX
If I use SSh Secure File Transfer tool on Windows, I want to transfer file from windows to AIX without password, how to do it? (6 Replies)
Discussion started by: rainbow_bean
6 Replies
3. Solaris
Hi Gurus
I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails.
Resetting my password reenables the keys.
Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies
4. Shell Programming and Scripting
Please help me
I want connect to orther server using ssh. But I need to transfer password also without entering when it is prompts. Please help me. (1 Reply)
Discussion started by: saga499
1 Replies
5. AIX
Hi
i have aix 5.3 operating system, and i am trying to do ssh without passwd, when i tried to create a rsakey, it produces empty file as an output, how can solve that problem? why it is giving empty output file, i tried with different user, situation same,.i have restarted sshd server. .ssh... (2 Replies)
Discussion started by: nibiru78
2 Replies
6. UNIX for Dummies Questions & Answers
How to setup SSH to not require a password when establishing an SSH connection from server A to server B for particular user? (4 Replies)
Discussion started by: sam101
4 Replies
7. Red Hat
Hi,
I am trying to generate ssh without having to type a password.
I have done this on numerous occasions using the procedure below and it has worked fine but not on this occasion.
user1@sys1:ssh-keygen -t dsa -N ""
<press enter for any questions>
user1@sys1: ll .ssh/id_dsa.pub... (16 Replies)
Discussion started by: Duffs22
16 Replies
8. Shell Programming and Scripting
I have about 500 hosts where I need to ssh by sending the password on the command line or in a text file in a clear text . However I am not able to download "sshpass" or other tools .
Any other ways to pass the password in a script ? (3 Replies)
Discussion started by: gubbu
3 Replies
9. Red Hat
Hello Experts,
when I am trying to connect my target server through sftp after creating ssh password less setup, it is asking for passowrd to connect.
to setup this I followed below process:
-->generated keys by executing the command "ssh-keygen -t rsa"
-->this created my .ssh directory... (9 Replies)
Discussion started by: Devipriya Ch
9 Replies
10. UNIX for Beginners Questions & Answers
Hi there.
I am fully aware of the security implications, but is there a way give a user password with the rsh and/or ssh commands?
Such as: ssh user@192.168.0.56 -p password
Or pass a config file to the command containing a password?
I'm looking after a cluster and trying to use PSSH,... (6 Replies)
Discussion started by: MuntyScrunt
6 Replies
LEARN ABOUT FREEBSD
enigma
ENIGMA(1) BSD General Commands Manual ENIGMA(1)
NAME
enigma, crypt -- very simple file encryption
SYNOPSIS
enigma [-s] [-k] [password]
crypt [-s] [-k] [password]
DESCRIPTION
The enigma utility, also known as crypt is a very simple encryption program, working on a ``secret-key'' basis. It operates as a filter,
i.e., it encrypts or decrypts a stream of data from standard input, and writes the result to standard output. Since its operation is fully
symmetrical, feeding the encrypted data stream again through the engine (using the same secret key) will decrypt it.
There are several ways to provide the secret key to the program. By default, the program prompts the user on the controlling terminal for
the key, using getpass(3). This is the only safe way of providing it.
Alternatively, the key can be provided as the sole command-line argument password when starting the program. Obviously, this way the key can
easily be spotted by other users running ps(1). As yet another alternative, enigma can be given the option -k, and it will take the key from
the environment variable CrYpTkEy. While this at a first glance seems to be more secure than the previous option, it actually is not since
environment variables can also be examined with ps(1). Thus this option is mainly provided for compatibility with other implementations of
enigma.
When specifying the option -s, enigma modifies the encryption engine in a way that is supposed to make it a little more secure, but incompat-
ible with other implementations.
Warning
The cryptographic value of enigma is rather small. This program is only provided here for compatibility with other operating systems that
also provide an implementation (usually called crypt(1) there). For real encryption, refer to bdes(1), openssl(1), pgp(1)
(ports/security/pgp), or gpg(1) (ports/security/gnupg). However, restrictions for exporting, importing or using such tools might exist in
some countries, so those stronger programs are not being shipped as part of the operating system by default.
ENVIRONMENT
CrYpTkEy used to obtain the secret key when option -k has been given
EXAMPLES
man enigma | enigma > encrypted
Enter key: (XXX -- key not echoed)
This will create an encrypted form of this man page, and store it in the file encrypted.
enigma XXX < encrypted
This displays the previously created file on the terminal.
SEE ALSO
bdes(1), gpg(1), openssl(1), pgp(1), ps(1), getpass(3)
HISTORY
Implementations of crypt are very common among UNIX operating systems. This implementation has been taken from the Cryptbreakers Workbench
which is in the public domain.
BSD
May 14, 2004 BSD