I have a script that relies on public/private key ssh authentication. The problem is that some systems are misconfigured and do not have the proper ssh public/private key trust set up. When that happens ssh ask me for a password blocking the script's execution. I have tried this command:
sudo ssh -o "PasswordAuthentication=no" -o "ChallengeResponseAuthentication=no" root@last-call
But I still get prompted for the root password.
The canonical way to do this is with the BatchMode option:
ssh -o BatchMode=yes …
According to the manual:
If set to “yes”, passphrase/password querying will be disabled. This option is useful in scripts and other batch jobs where no user is present to supply the password.
I would have expected the combination of PasswordAuthentication=no and ChallengeResponseAuthentication=no to be enough though. ssh -vv might yield a clue.
$ sudo ssh last-call-2 Password: $ sudo ssh -o "BatchMode=yes" last-call-2 Permission denied (gssapi-keyex,gssapi-with-mic,publickey,password,keyboard-interactive).
– Red Cricket
Feb 20 '16 at 00:51
"PreferredAuthentications=publickey"– Red Cricket Feb 20 '16 at 00:34