Shell Programming and Scripting

Hi guys,

I wrote a script that logs into around 30 nodes via SSH as root.

The issue is that I have to punch in the root password everytime and it is being a hassle.

Is there a way to save the password in a secure way and automate the whole procedure. I do not want to save the password in the script itself as that will be a security risk. The script is :

Code:

#!/bin/bash

for i in `cat nodes.txt`
do
echo $i
ssh root@$i "ps -ef | grep puppet | grep -v grep |awk '{print \$2}' | xargs kill -15 "
done

Sample output:

Code:

user1@server /scripts $ ./killpuppet.sh 
server1
Password:
server2
Password:
server3
Password:
server4
Password:
server5
Password:

Why not use your public keys?

Thank you for the suggestion. But security wise, that's not an option.

Its by far the safest method you know?
Exchanging your keys need to be done only once ( well after it will depend of patches etc...)

Why not?

Because saving passwords is MORE secure?

If you need to automate running commands remotely on another machine, using the key exchange of SSH is by far the most secure method.

Saving a password to be accessed by a script somewhere is just about the least-secure method.

If your security organization won't allow you to use SSH keys, but will allow you to save a password, they're incompetent.

I agree with what you've said. It isn't the organization that has asked me to look into other options that SSH keys. Its I who wants to look at other possible ways.

But I have to agree to use SSH is something I will work on now. Thank you for the help.

Well using .rhosts files might be safer than copying passwords around...