Difference between revisions of "Linux Remote Shell Notes"

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search
m
Line 2: Line 2:
 
== auto login ssh ==
 
== auto login ssh ==
  
The OpenSSH ssh utility doesn't accept a password on the command line or on its standard input. I believe this is a deliberate decision on the part of the OpenSSH developers. You have these options available to you:
+
The OpenSSH ssh utility doesn't accept a password on the command line or on its standard input. The nanny mentality whereby the developer protects us from ourselves by preventing us from doing something that compromises security, even though the result may be worse.
  
    Use an SSH key for authentication, instead of a password.
+
OPTIONS FOR SSH AUTOMATED
    Use sshpass, expect, or a similar tool to automate responding to the password prompt.
+
# Use an SSH key for authentication, instead of a password.
    (ab)Use the SSH_ASKPASS feature to get ssh to get the password by running another program, described here or here, or in some of the answers here.
+
# Use sshpass, expect, or a similar tool to automate responding to the password prompt.
    Get the SSH server administrator to enable host-based authentication and use that. Note that host-based authentication is only suitable for certain network environments. See additional notes here and here.
+
# Use the SSH_ASKPASS feature to get ssh to get the password by running another program.
    Write your own ssh client using perl, python, java, or your favorite language. There are ssh client libraries available for most modern programming languages, and you'd have full control over how the client gets the password.
+
# Use the insecure host-based authentication, sometimes common on private networks.
    Download the ssh source code and build a modified version of ssh that works the way you want.
+
# Use a custom or modified ssh client adapted from source code, or one that allows for stored password.
    Use a different ssh client. There are other ssh clients available, both free and commercial. One of them might suit your needs better than the OpenSSH client.
+
  
 
=== sshpass ===
 
=== sshpass ===

Revision as of 10:51, 5 March 2018

auto login ssh

The OpenSSH ssh utility doesn't accept a password on the command line or on its standard input. The nanny mentality whereby the developer protects us from ourselves by preventing us from doing something that compromises security, even though the result may be worse.

OPTIONS FOR SSH AUTOMATED

  1. Use an SSH key for authentication, instead of a password.
  2. Use sshpass, expect, or a similar tool to automate responding to the password prompt.
  3. Use the SSH_ASKPASS feature to get ssh to get the password by running another program.
  4. Use the insecure host-based authentication, sometimes common on private networks.
  5. Use a custom or modified ssh client adapted from source code, or one that allows for stored password.

sshpass

Install the sshpass utility so that you can automate ssh login including password.

apt install sshpass

Now you can automate the login process

sshpass -p "mysecretpass" ssh -o StrictHostKeyChecking=no nicolep@192.168.100.10

Custom port example:

sshpass -p "mysecretpass" ssh -o StrictHostKeyChecking=no nicolep@192.168.100.10:9600

public key authentication

In the source host run this only once:

ssh-keygen -t rsa 

now press ENTER to every field

ssh-copy-id nicolep@192.168.100.10