Re: ssh client password option

On Sun, 22 May 2005, Bob Proulx wrote:

> hkb2tw_@ssl-mail.com wrote:
> > i need the feature of a password option (like --password) for
> > scripting/testing purpose.
> >
> > I know its not secure and i am aware of that, i just need it for
> > internal testing purpose.
>
> You might look at using expect.
>
> http://expect.nist.gov/
>
> Or one of the expect follow-ons such as these perl modules:
>
> http://search.cpan.org/search?query=expect&mode=all

I find it easier to get openssh to use it's ssh_askpass code, pointed at a
script to echo the required password. No expect or anything needed,
though one does (seem to) need to fool openssh into thinking that it
doesn't have a controlling terminal (if it would otherwise have one), e.g.
by using setsid on systems which support that.

By default iff there is a controlling terminal ssh prompts for the
password there, otherwise it calls the ssh_askpass. At some point I did
intend to add an option hack to tell ssh to ignore the controlling
terminal and always use ssh-askpass -- some people prefer the ssh-askpass
password prompts.

e.g. on a linux system with setsid:

SSH_ASKPASS=~/mypass setsid ssh -vvv testacc@foobar uptime

where ~/mypass is (in this case) just:

echo "wibble"

Not that this is a very sane password...

-- Jon

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev