Tag Archives: Linux Tips & Tricks

sshpass Command : Non-interactive Password Authentication with SSH

Posted on by
Reply

Overview :

Linux system Admins  normally login to the linux  servers either supplying a password, or using keybased authentication. sshpass is a tool which allows us to automatically supply password to the command prompt so that automated scripts can be run as desired by users. sshpass supplies password to ssh prompt using adedicated tty , fooling ssh to believe that a interactive user is supplying password.

Some of the common uses of sshpass :

1.taking backups to a remote server

2.executing commands on systems at a specified time.

SSHPASS Installation :

1) Centos Based distributions

Setup the EPEL repository from https://fedoraproject.org/wiki/EPEL and then run

As root run

# yum -y install sshpass

2) Ubuntu/Debain based distributions

As root run

# apt-get install sshpass

3)Compile & install from the source

#wget http://sourceforge.net/projects/sshpass/files/latest/download -O sshpass.tar.gz
#tar -zxvf sshpass.tar.gz 
#cd sshpass-1.05/ 
#./configure 
# make 
# make install
#which sshpass
/usr/local/bin/sshpass

Getting Help :

 # sshpass -h

Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters

  • -f filename   Take password to use from file
  • -d number     Use number as file descriptor for getting password
  • -p password   Provide password as argument (security unwise)
  • -e            Password is passed as env-var “SSHPASS”
    With no parameters – password will be taken from stdin
  • -h            Show help (this screen)
  • -V            Print version information

At most one of -f, -d, -p or -e should be used

sshpass is dead-easy to use. Instead of using the ssh user@remotehost command to establish an SSH connection, use the sshpass -p ‘password’ ssh user@remotehost command which automatically passes the specified password. Specifying the password as part of a command is not good security practice. A better approach is to export the password as the SSHPASS environment variable, and then use sshpass with the -e parameter:

export SSHPASS=password
sshpass -e ssh user@remotehost

Example:1 Supply Password with SSH

# sshpass -p 'password' ssh focustraining.in -l root -o StrictHostKeyChecking=no

Where :

password’ is the password of your server(focustraining.in). ‘StrictHostKeyChecking=no’ is used to control logins to machines whose host key is not known or has changed

Example:2 To run some command on the remote server viz checking uptime and uname

# sshpass -p 'password' ssh focustraining.in -l root -o StrictHostKeyChecking=no "uptime;uname -a"

Sample Output

14:24:39 up 5 days, 20:33, 21 users,  load average: 0.61, 0.41, 0.50
Linux focustraining.in 2.6.32-71.el6.x86_64 #1 SMP Wed Sep 1 01:33:01 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux