ssh client password option

Jon Peatfield J.S.Peatfield at damtp.cam.ac.uk
Mon May 23 22:28:38 EST 2005


On Sun, 22 May 2005, Bob Proulx wrote:

> hkb2tw_ at ssl-mail.com wrote:
> > i need the feature of a password option (like --password) for
> > scripting/testing purpose.
> > 
> > I know its not secure and i am aware of that, i just need it for
> > internal testing purpose.
> 
> You might look at using expect.
> 
>   http://expect.nist.gov/
> 
> Or one of the expect follow-ons such as these perl modules:
> 
>   http://search.cpan.org/search?query=expect&mode=all

I find it easier to get openssh to use it's ssh_askpass code, pointed at a
script to echo the required password.  No expect or anything needed,
though one does (seem to) need to fool openssh into thinking that it
doesn't have a controlling terminal (if it would otherwise have one), e.g.
by using setsid on systems which support that.

By default iff there is a controlling terminal ssh prompts for the
password there, otherwise it calls the ssh_askpass.  At some point I did
intend to add an option hack to tell ssh to ignore the controlling
terminal and always use ssh-askpass -- some people prefer the ssh-askpass
password prompts.

e.g. on a linux system with setsid:

  SSH_ASKPASS=~/mypass setsid ssh -vvv testacc at foobar uptime

where ~/mypass is (in this case) just:

  echo "wibble"

Not that this is a very sane password...

 -- Jon




More information about the openssh-unix-dev mailing list