Sending passphrase w/o keyboard interaction

Damien Miller djm at
Tue Sep 28 10:25:02 EST 2004

Morgan Small wrote:
> I have an account where I have DSA key setup with a passphrase.  I am trying
> to write a script to ssh over to another Unix server, without having to type
> in the passphrase and have ssh read the passphrase from either a file or
> pass it in from the command line.  Is there a way to do something like this?
> I know that we can it so I don't need to enter a passphrase but we don't
> want to do that.

You could use ssh-agent, which will allow you to enter the passphrase
once per system boot.

If you don't want to do this, then you might as well make a
passphraseless key, because you will need to store the passphrase
someone on the system anyway.

If you still want to do this, you could feed a key into the agent by
providing a ssh-askpass that just echos the passphrase to stdout and
doing something like:

SSH_ASKPASS=/path/to/script_which_echoes_passphrase DISPLAY=foo \
    ssh-add /path/to/key </dev/null

Otherwise, use expect.


More information about the openssh-unix-dev mailing list