Can you set passwords in .ssh/config to allow automatic login?
Trading off security for convenience never ends well...
Could you use ssh-copy-id
from the openssh-client
package?
From man ssh-copy-id
:
ssh-copy-id is a script that uses ssh to log into a remote machine and append the indicated identity file to that machine's ~/.ssh/authorized_keys file.
If you don't really want to use a public/private key pair, you can write an expect
script to enter the password for you automatically depending on the destination address.
Edit: What I mean is that you can have a script that, on one hand, uses expect
to enter the password for you and, on the other hand, reads the password for a given user and host from a configuration file. For example, the following python script will work for the sunny day scenario:
#!/usr/bin/python
import argparse
from ConfigParser import ConfigParser
import pexpect
def main(args):
url = args.url
user, host = url.split('@', 1)
cfg_file = 'ssh.cfg'
cfg = ConfigParser()
cfg.read(cfg_file)
passwd = cfg.get(user, host)
child = pexpect.spawn('ssh {0}'.format(url))
child.expect('password:')
child.sendline(passwd)
child.interact()
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Run ssh through pexpect')
parser.add_argument('url')
args = parser.parse_args()
main(args)
and the configuration file format would be as follows:
[user_1]
host1 = passwd_1
host2 = passwd_2
[user_2]
host1 = passwd_1
host2 = passwd_2
Note: As explained, the python script would need to be much more complex to handle all the possible errors and question messages from ssh and all the possible URLs (in the example it's assumed that it will be something like user@host
, but the user part isn't used most of the times), but the basic idea would still be the same. Regarding the configuration file, you may use a different configuration file or use .ssh/config
and write your own code to parse that file and get the password for a given user and host.
How about ProxyCommand:
Host Home-raw
HostName test.com
Host Home
User netmoon
Port 22
ProxyCommand sshpass -pmypass ssh netmoon@%h-raw nc localhost %p
You can use ssh -W
instead of nc
as well:
ProxyCommand sshpass -pmypass ssh netmoon@%h-raw -W localhost:%p