Telnet or ssh password in script

aecordoba · January 28, 2009, 1:03pm

Hi there!

I need to write a script that makes a telnet (or ssh) to another host, and run another script there.
How can I make it in order to supply the password in the script?

Thank you, in advance.

Monex · January 28, 2009, 1:33pm

Hi,

this is a bit more complicated than it looks because ssh has security forbids redirecting the stdin, as far as I know. There are several libraries e.g. for python pyssh and perl Net:SSH which can handle this situation. But of course you can also use passwordless public key authentication or public key authentication with ssh-agent so that no password input is requires on ssh connect.

Hope this helps

smpoole7 · January 28, 2009, 1:36pm

What Monex said. Here’s a good how-to.

OpenSSH Public Key Authentication

I don’t use Telnet, but we use this all the time with SSH in scripts. We have servers in another city that rsync backups into one of our machines overnight. The scripts are run as cron jobs to give us automatic, off-site backup.

user · January 28, 2009, 3:54pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Agreed with both responses. Use keys as they are simple to use, not too
bad to setup, and typically safer than passwords.

Also, telnet should never be used with usernames/passwords… ever.
Anything you authenticate-to via that should be considered open to the
world… might as well not have a username/password.

Good luck.

smpoole7 wrote:
> What Monex said. Here’s a good how-to.
>
> ‘OpenSSH Public Key Authentication’
> (http://sial.org/howto/openssh/publickey-auth/)
>
> I don’t use Telnet, but we use this all the time with SSH in scripts.
> We have servers in another city that rsync backups into one of our
> machines overnight. The scripts are run as cron jobs to give us
> automatic, off-site backup.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJgHGs3s42bA80+9kRAtANAJsFx1Vog+uh6M8ZlooUL38LVy3nGwCfda2c
xM4IToZpDBxHzXHIyBzqsJ8=
=2oRU
-----END PGP SIGNATURE-----

jengelh · January 29, 2009, 4:09am

ssh can also read passwords from stdin using the “fd0ssh” tool from hxtools.

user · January 29, 2009, 4:52am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Or ‘expect’ which is a freeware open source tool… but it’s still not
the best idea ever. Use keys and at least slow a malicious user down a
little.

Good luck.

jengelh wrote:
> ssh can also read passwords from stdin using the “fd0ssh” tool from
> hxtools.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJgSgG3s42bA80+9kRAng+AJ43Tu+LnQQ5VMj84zilNKK0dxe+AwCeJb28
Bz7oaUwUpkjadlpwFpN5yLo=
=vMjh
-----END PGP SIGNATURE-----