How can I automate SSH login to Linux servers with password provided in the terminal or file?. If you have Linux servers which accept password authentication for ssh you can actually automate login so you’re not prompted for password when logging in to the system. The configuration to enable SSH password authentication in a Linux server is:

PasswordAuthentication yes

If you change sshd configuration file service restart is required.

### CentOS / Fedora ###
$ sudo systemctl restart sshd

### Ubuntu / Debian ###
$ sudo systemctl restart ssh

I’ve configured my SSH client as below to disable StrictHostKeyChecking and set other settings.

$ vim ~/.ssh/config
Host *
    UserKnownHostsFile /dev/null
    StrictHostKeyChecking no
    IdentitiesOnly yes
    ConnectTimeout 0
    ServerAliveInterval 300

Install sshpass utility

To pass user password in the console we need to install sshpass utility which enables you to manage SSH connections in scripts. This utility is designed to run SSH using the keyboard-interactive password authentication mode, but in a non-interactive way.

To install sshpass run the following commands:

### CentOS / Fedora ###
$ sudo  yum install sshpass

### Debian / Ubuntu ###
$ sudo apt update
$ sudo apt-get install sshpass

Automate SSH Password Login with sshpass

Once the utility is installed you can use it to automate ssh login in your scripts. The command usage help page is as shown below.

$ sshpass --help
sshpass: invalid option -- '-'
Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters
   -f filename   Take password to use from file
   -d number     Use number as file descriptor for getting password
   -p password   Provide password as argument (security unwise)
   -e            Password is passed as env-var "SSHPASS"
   With no parameters - password will be taken from stdin

   -P prompt     Which string should sshpass search for to detect a password prompt
   -v            Be verbose about what you're doing
   -h            Show help (this screen)
   -V            Print version information
At most one of -f, -d, -p or -e should be used

See this simple usage example:

$ sshpass -p your_ssh_user_password ssh [email protected]_or_ip

If I’m logging in to the server with IP address 172.20.21.200 as jmutai user with password [email protected] I’ll run:

$ sshpass -p '[email protected]' ssh [email protected]

Providing SSH Password in file

You can also use password saved in file with the -f command option. See below example.

$ echo '[email protected]' >ssh_pass_file
$  chmod 0400 ssh_pass_file
$ sshpass -f ssh_pass_file ssh [email protected]

Automate copying of SSH keys to multiple servers

If you have multiple servers and would like to automate copying of SSH public keys to the servers, first create a file with all remote servers.

$ vim /tmp/servers
172.20.21.200
172.20.21.201
172.20.21.202
172.20.21.203
172.20.21.204

The use while loop to copy SSH keys:

cat /tmp/servers | while read line; do
  sshpass -p 'SSH_USER_PASSWORD' ssh-copy-id <USERNAME>@$line;
done

Example:

cat /tmp/servers | while read line; do
  sshpass -p '[email protected]' ssh-copy-id [email protected]$line;
done

You should now be able to login to server without being asked for a password:

$ ssh [email protected]
Warning: Permanently added '172.20.21.201' (ECDSA) to the list of known hosts.

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

[[email protected]~]$ 

Using sshpass with rsync

This is an example on how to automate rsync operations using sshpass:

SSHPASS='[email protected]' rsync --rsh="sshpass -e ssh -l username" /mydir/ host.example.com:/mydir/

The above uses the -e option, which passes the password to the environment variable SSHPASS. The -f switch can be used like this:

 rsync --rsh="sshpass -f ssh_pass_file ssh -l username" /mydir/ host.example.com:/mydir/

Using sshpass with scp

This is another example on copying files to remote server with SSH password.

scp -r /mydir --rsh="sshpass -f ssh_pass_file ssh -l username" host.example.com:/mydir

Conclusion

As shown in this article sshpass is a nice tool that sysadmins can use to automate ssh related operations from command line and in administrative scripts. Please note the most secure form of SSH authentication is public-key authentication and not password authentication.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

three × 2 =