ssh-copy-id "user name" "address of the computer where to connect"
While 1 ; do
- if asked for password then type the password notification so that the operator can type the password from the keyboard fi
- if password is good exit with success else return to begin of while fi
- if asked a question about any things then type the question so that the operator can type an answer ( generally : yes/no/y/n ) fi
- if error then type the error if possible ; In any case exit with failed fi
done
I start to test the first condition with :
set timeout 9
set user [lindex $argv 0]
set host [lindex $argv 1]
spawn ssh-copy-id $user@$host
expect {
Password: {
stty -echo
send_user "for $user on $host: "
expect_user -re "(.*)
"
send "$expect_out(1,string)
"
stty echo
exp_continue
}
}
calling it that way :
linux:~ # ssh-copy-id.expect.9 user_test x.y.z.t
I get
linux:~ # ssh-copy-id.expect.9 user_test x.y.z.t
spawn ssh-copy-id user_test@x.y.z.t
Password: for user_test on x.y.z.t:
Password: for user_test on x.y.z.t:
Password: for user_test on x.y.z.t:
user_test@x.y.z.t's password: bidon
linux:~ # bidon
I try to remove the last line (user_test@x.y.z.t’s password: )
using this
set timeout 9
set user [lindex $argv 0]
set host [lindex $argv 1]
spawn ssh-copy-id $user@$host
expect {
-re ^Password: {
stty -echo
send_user "for $user on $host: "
expect_user -re "(.*)
"
send "$expect_out(1,string)
"
stty echo
exp_continue
}
}
Then I get
linux:~ # ssh-copy-id.expect.A user_test x.y.z.t
spawn ssh-copy-id user_test@x.y.z.t
Password: for user_test on x.y.z.t:
Password:
linux:~ #
As you can see it does not work.
I get only one attempt.
How to allow only >>Password:<< when it starts at beginning of the text sent by ssh-copy-id
I am not fluent with the present situation, but in earlier Unix/Linux, the password was allways read from the terminal and not from stdin. This to prevent unsafe behaviour like using scripts with passwords hard coded inside to be fed to programs (mostly functioning using the expect cycle).
On 2012-11-22 20:26, hcvv wrote:
>
> I am not fluent with the present situation, but in earlier Unix/Linux,
> the password was allways read from the terminal and not from stdin. This
> to prevent unsafe behaviour like using scripts with passwords hard coded
> inside to be fed to programs (mostly functioning using the expect
> cycle).
I have used scripts to connect via telnet or ssh to machines
automatically, and the password was indeed encoded in the script. That
was as intended, it is needed for automation.
But it was on a different machine, I can not look up how I did it.
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” (Minas Tirith))
A PM is a Personal Message. That is a message that is only to be read by a forum member personaly. You can do that e.g. by clicking on a members name left upper in a post. There is menu which contains this possibility (when you use a French translation of the forums it will be in French, but you will understand).
As I (being not only a member, but also a mod) am here on this thread already, you can also ask here in a post and I will see it. IMHO starting a thread in the correct forum is very important to get the best audience for a problem. Not everybody will look in every (sub)forum.
But it is up to you. Do you want me to move this thread to Programming/Scripting?
On 11/23/2012 10:26 PM, jcdole wrote:
> Could you explain to a dummy what do you mean.
i didn’t expect you were dumb.
instead, anyone who can write a script i expect to be pretty smart…
> What is a PM ?
> And who are “Them”
i see that a mod has already explained [by the way, i also asked what a
“PM” was the first time i saw it here–but i couldn’t write a script
then, so how could i know you didn’t know?]…
since mods are not in every thread, reading every note it sometimes is
good to PM one about a needed thread move…
that is the best way to get your needs seen the quickest by the
specialized audience in the appropriate venue…where it can get the
attention you need, and deserve…