35

I tried writing a shell script which can do automatic login into a ssh server using password which is mentioned in the script. I have written the following code:

set timeout 30
/usr/bin/ssh -p 8484 root@172.31.72.103
expect 
{
   "root@172.31.72.103's password" 
   {
      send "password\r" 
   }
}

This code is not running properly; it is still asking for the password. Can somebody please help me solve this?

12 Answers

48

I once wrote an expect script to log in to a ssh server (like your case) and my script was something like this:

#!/usr/bin/expect

spawn ssh MyUserName@192.168.20.20
expect "password"
send "MyPassword\r"
interact

I think maybe the interact is missing in your script.

saeedn
  • This is absolutely working fine for me, and I am stuck at this point: interact provides an interactive terminal with a prompt, but I am trying to automate further steps like doing cd and ls and reading the contents of a file as well. Is it possible to do that after interact? Please reply – Hansiemithun Aug 01 '18 at 14:57
  • @Hansie you can send an ls command after the login. For example, after sending the password, do an expect with the command prompt text (to make sure you are logged in), then send "ls\r". All of these go before interact. – saeedn Aug 03 '18 at 00:09
  • The question was slightly incorrect and I am sorry. After doing ls and reading the contents, I am able to print them. But how do I get that out of the ssh session into a variable to access from the local machine? Ref: https://stackoverflow.com/questions/32341234/expect-script-return-value. But output is not working for me. My question is posted at: https://stackoverflow.com/questions/51628465/how-to-change-directory-in-shell-script/51637048?noredirect=1#comment90238913_51637048. I need file_list after exit to access from the local command prompt – Hansiemithun Aug 03 '18 at 06:02
  • send "MyPassword\r" is not working @saeedn – Chaminda Bandara Jan 24 '21 at 04:09
  • This is not working for me on Ubuntu – Jamshaid Jan 26 '21 at 07:50
  • If you get an /usr/bin/expect bad interpreter no such file or directory error, try installing expect with sudo apt install expect – Suda Aug 26 '21 at 02:46
35

You're going about it the wrong way. What you want to do is generate a passwordless ssh-key pair and then (as long as the server supports RSA key authentication) you can get in without having to type a password at all. This is a security risk if your private key is stored somewhere that it could be stolen.

Follow these steps:

  1. mkdir -p ~/.ssh
  2. cd ~/.ssh
  3. ssh-keygen -t rsa -f mysshkey
  4. Press Return when prompted for passphrase
  5. Press Return a second time to confirm.

There will now be two files in your ~/.ssh directory, mysshkey.pub and mysshkey. mysshkey.pub is your public key, this one is safe to put on remote servers. mysshkey is your private passwordless key, it is not safe to put on remote servers (or somewhere someone else could get a copy).

On the server you wish to SSH into:

  1. Login to the remote server
  2. mkdir -p ~/.ssh
  3. Copy and paste the contents of mysshkey.pub into ~/.ssh/authorized_keys
  4. Make sure that ~/.ssh/authorized_keys is chmod'd to 600

Now, to put it into action on your local machine you run the following command:

ssh -i ~/.ssh/mysshkey <remote_server_ip>

And you will be logged in without being prompted for a password.

This is a much preferable method of managing automated logins as you don't end up hard-coding your password multiple places that need to be updated if you ever change it.

22

On Debian-based distributions, the sshpass package provides an easier way of doing what you want. The package is available for many other popular distributions. You need to set it up first:

echo 'YourPassword' > passwordFile.txt
chmod 600 passwordFile.txt

Then invoke the SSH command from a script like this:

sshpass -f /path/to/passwordFile.txt /usr/bin/ssh -p 8484 root@172.31.72.103

This provides more flexibility, such as if you're using a different locale or need to change the password, than solutions using expect.

terdon
likeitlikeit
9

you can use this:

sshpass -p 'yourpassword'  ssh user@ip
terdon
8

First install sshpass: sudo apt-get install sshpass

Then create an alias in .bashrc file as

alias sshLogin='sshpass -p <your ssh password> ssh username@remote_host'

Now reload your changed .bashrc file by source ~/.bashrc

You are now done.

Now you can run the ssh using the above created alias sshLogin in terminal.

bpathak
3

All you need is to create a hashed key and save it on your PC

Just type

ssh-keygen -t rsa -b 4096 # just press Enter till the end

then enter

ssh-copy-id <user>@<server>

then login normally using

ssh <user>@<server>

Now you don't need a password

Note: Saving your password in plain text is dangerous

This method is creating a hashed value of your password using RSA with public key of length 4096 which is very secure.

slm
2

As already described in other answers, I also use sshpass but I combine it with the read command to store my password in a temporary environment variable. This way my password is never written anywhere in clear. Here is the one line command I use:

read -rs PASS; sshpass -p "$PASS" ssh <user>@<host address>

After that you have to enter your password (nothing appears on the screen) and then pressing enter will open the connection.
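
The password-in-script patterns from the answers above (an expect send after the password prompt, sshpass -p in an alias or one-liner) can be audited for in scripts and dotfiles. This scanner is an added example, not part of any answer; the function names, rule labels and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: find SSH passwords embedded in scripts and start-up files,
# using the patterns that appear in the answers on this page.

# scan_ssh_passwords FILE...: print "file:line:rule" for each finding.
scan_ssh_passwords() {
    awk -v q="'" '
    function report(rule) { printf "%s:%d:%s\n", FILENAME, FNR, rule }
    FNR == 1 { armed_until = 0 }
    /^[ \t]*#/ { next }                       # skip comments and shebangs
    match($0, /sshpass[ \t]+-p[ \t]*/) {      # sshpass -p <argument>
        c = substr($0, RSTART + RLENGTH, 1)
        if (c == "\"" || c == q) c = substr($0, RSTART + RLENGTH + 1, 1)
        # A literal sits in the file; a variable still lands in argv.
        report((c == "$") ? "sshpass-p-variable" : "sshpass-p-literal")
    }
    # expect: a literal send within three lines of a password prompt
    /send[ \t]+"[^$]/ && FNR <= armed_until { report("expect-send-literal") }
    /assword/ && !/send[ \t]/ { armed_until = FNR + 3 }
    ' "$@"
}

# Constructed sample files (addresses and secrets are placeholders).
demo_scan() {
    d=$(mktemp -d) || return 1
    cat > "$d/login.exp" <<'EOF'
#!/usr/bin/expect
spawn ssh -p 8484 root@192.0.2.10
expect "password"
send "CONSTRUCTED-secret\r"
interact
EOF
    cat > "$d/bashrc" <<'EOF'
alias sshLogin='sshpass -p CONSTRUCTED-secret ssh user@192.0.2.10'
alias sshFile='sshpass -f ~/.ssh_pw ssh -p 8484 user@192.0.2.10'
EOF
    cat > "$d/prompt.sh" <<'EOF'
read -rs PASS; sshpass -p "$PASS" ssh user@192.0.2.10
EOF
    (cd "$d" && scan_ssh_passwords login.exp bashrc prompt.sh)
    rm -rf "$d"
}

demo_scan
```

The sshpass manual describes -p as the least secure of its options because the password is visible on the command line, which is why the variable form is reported as well; the -f form is not flagged.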

1

SSH Passwordless Login Using SSH Keygen in 5 Easy Steps:

Environment setup: [image]

Step 1: Authentication SSH-Keygen Keys on – (192.168.0.12)
First log in to server 192.168.0.12 with a user and generate a pair of public keys using the following command.

[image]

Step 2: Create .ssh Directory on – 192.168.0.11
Use SSH from server 192.168.0.12 to connect to server 192.168.0.11 and create the .ssh directory under it, using the following command.

[image]

Step 3: Upload Generated Public Keys to – 192.168.0.11
Use SSH from server 192.168.0.12 and upload the newly generated public key (id_rsa.pub) to server 192.168.0.11 under the user's .ssh directory as a file named authorized_keys.

[image]

Step 4: Set Permissions on – 192.168.0.11
Due to different SSH versions on servers, we need to set permissions on the .ssh directory and the authorized_keys file.

[image]

Step 5: Login from 192.168.0.12 to 192.168.0.11 Server without Password
From now onwards we can log into 192.168.0.11 as sheena user from server 192.168.0.12 as tecmint user without password.

[image]

Premraj
1

I recently did this, this may help you:

sshpass -p 'password' ssh username@ipaddress

If this doesn't work then you'll have to generate keys on the other machine you want to connect with

ssh-keygen

It will generate private and public keys and ask you for a location; leave it empty and it will save the keys in the .ssh folder by default. It will ask you for a passphrase, which you can also leave empty. Then go into the .ssh folder and change the public key name to 'authorized_keys'

cd .ssh/
mv id_rsa.pub authorized_keys
useradd -d /home/username username

This will add the user to the list. Now go to the home directory, give permissions and restart the sshd service

chmod 700 /home/username/.ssh
chmod 644 /home/username/.ssh/authorized_keys
chown root:root /home/dozee
sudo service sshd restart

Now you will have to move the private key to the system from which you are going to run the ssh command, then you can connect with

sshpass -p 'password' ssh -i id_rsa username@ip

If even that doesn't work, then go to /etc/ssh, open sshd_config with the vim editor, and check whether PubkeyAuthentication is set to yes; if not, change it to yes, restart the sshd service and then try again. It will definitely work.
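
The key-based answers above all include a permissions step (chmod 600 on authorized_keys, chmod 700 on .ssh). The following check for that step is an added example, not part of any answer; the function names, finding labels and sample files are constructed, and the file name mysshkey is borrowed from the earlier answer.

```shell
#!/bin/sh
# Added example: audit an .ssh directory for the permission problems that make
# sshd (StrictModes) ignore authorized_keys or make ssh refuse a private key.

# mode_bits PATH: print the nine rwx characters from ls, e.g. rw-r--r--
mode_bits() { ls -ld "$1" | cut -c2-10; }

# audit_ssh_dir DIR: print one finding per line, return 1 if any were found.
audit_ssh_dir() {
    dir=$1; bad=0
    # The directory and authorized_keys must not be group- or world-writable.
    for f in "$dir" "$dir/authorized_keys"; do
        [ -e "$f" ] || continue
        case $(mode_bits "$f") in
            ????w????|???????w?) echo "writable-by-others: $(basename "$f")"; bad=1 ;;
        esac
    done
    # Private keys must carry no group or other permission bits at all.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        head -n 1 "$f" | grep -q 'PRIVATE KEY-----' || continue
        case $(mode_bits "$f") in
            ???------) ;;
            *) echo "private-key-too-open: $(basename "$f")"; bad=1 ;;
        esac
    done
    return "$bad"
}

# Constructed sample: placeholder files, no real key material.
demo_audit() {
    d=$(mktemp -d) && mkdir "$d/.ssh" && chmod 700 "$d/.ssh"
    echo 'ssh-ed25519 CONSTRUCTED-PLACEHOLDER user@host' > "$d/.ssh/authorized_keys"
    echo '-----BEGIN OPENSSH PRIVATE KEY-----' > "$d/.ssh/mysshkey"
    echo '-----BEGIN OPENSSH PRIVATE KEY-----' > "$d/.ssh/id_ok"
    chmod 664 "$d/.ssh/authorized_keys"   # group-writable: StrictModes rejects
    chmod 644 "$d/.ssh/mysshkey"          # readable by others: ssh refuses it
    chmod 600 "$d/.ssh/id_ok"
    audit_ssh_dir "$d/.ssh"; rc=$?
    rm -rf "$d"
    return "$rc"
}

demo_audit
```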

1

First argument is hostname and second is password.

     #!/usr/bin/expect
     set pass [lindex $argv 1]
     set host [lindex $argv 0]
     spawn ssh -t root@$host echo Hello
     expect "*assword: "
     send "$pass\n";
     interact

Execution:

./script.expect hostname "my!password?"
glenn jackman
0

Just use the appropriate option

ssh -o PreferredAuthentications=password user@remote.server.tld

You can also go the other way around and simply forbid using keys.

ssh -o PubkeyAuthentication=no user@remote.server.tld
kaiser
0

Purely bash answer

#!/bin/bash

[[ $1 =~ 'password:' ]] && cat || SSH_ASKPASS="$0" DISPLAY=nothing:0 exec setsid "$@"

Save it as pass, do a chmod +x pass and then use it like this:

echo mypass | pass ssh user@host ...

If its first argument contains password: then it passes its input to its output (cat) otherwise it launches whatever was presented after setting itself as the SSH_ASKPASS program.

When ssh encounters both SSH_ASKPASS AND DISPLAY set, it will launch the program referred to by SSH_ASKPASS, passing it the prompt user@host's password:

Chris Davies