Can you set passwords in .ssh/config to allow automatic login?

Trading off security for convenience never ends well...

Could you use ssh-copy-id from the openssh-client package?

From man ssh-copy-id:

ssh-copy-id is a script that uses ssh to log into a remote machine and append the indicated identity file to that machine's ~/.ssh/authorized_keys file.

If you don't really want to use a public/private key pair, you can write an expect script to enter the password for you automatically depending on the destination address.

Edit: What I mean is that you can have a script that, on one hand, uses expect to enter the password for you and, on the other hand, reads the password for a given user and host from a configuration file. For example, the following python script will work for the sunny day scenario:

#!/usr/bin/python                                                                                                                        
import argparse
from ConfigParser import ConfigParser
import pexpect

def main(args):
    url = args.url
    user, host = url.split('@', 1)

    cfg_file = 'ssh.cfg'
    cfg = ConfigParser()
    cfg.read(cfg_file)
    passwd = cfg.get(user, host)

    child = pexpect.spawn('ssh {0}'.format(url))
    child.expect('password:')
    child.sendline(passwd)
    child.interact()

if __name__ == '__main__':
    parser = argparse.ArgumentParser(description='Run ssh through pexpect')
    parser.add_argument('url')
    args = parser.parse_args()
    main(args)

and the configuration file format would be as follows:

[user_1]
host1 = passwd_1
host2 = passwd_2

[user_2]
host1 = passwd_1
host2 = passwd_2

Note: As explained, the python script would need to be much more complex to handle all the possible errors and question messages from ssh and all the possible URLs (in the example it's assumed that it will be something like user@host, but the user part isn't used most of the times), but the basic idea would still be the same. Regarding the configuration file, you may use a different configuration file or use .ssh/config and write your own code to parse that file and get the password for a given user and host.

How about ProxyCommand:

Host Home-raw
    HostName test.com
Host Home
   User netmoon
   Port 22
   ProxyCommand sshpass -pmypass ssh netmoon@%h-raw nc localhost %p

You can use ssh -W instead of nc as well:

ProxyCommand sshpass -pmypass ssh netmoon@%h-raw -W localhost:%p

Can you set passwords in .ssh/config to allow automatic login?

Tags:

Command Line

Bash

Ssh

Remote Access

Related

Recent Posts