
We have the base64 encoded SSH key password (so not a user account password!).

We have to keep an SSH tunnel open to a place.

But sometimes the connection is bad and the SSH session terminates.

When we start the SSH tunnel, the SSH private key is encrypted with a password, thus requiring a human to input the pw.

We know that it is just obscurity to have the private ssh key password in a file, but it helps :)

Question: How can we automate the pw input when we open the tunnel? Maybe "expect" can help?

  • Try looking for ssh-agent. This will basically load a key "in memory", with a human-entered password; then each time you ssh to a place, this key might be used. – Archemar Mar 14 '17 at 06:04
  • You can also try sshpass https://www.cyberciti.biz/faq/noninteractive-shell-script-ssh-password-provider/ – Zumo de Vidrio Mar 14 '17 at 08:32

1 Answer


First, the best solution is to use a private/public key to connect automatically without a password; if the connection is lost, you can use autossh to keep it alive. Follow these instructions. You can create an SSH key pair with the following command on the client, keeping the password empty, to connect without a password:

ssh-keygen -t rsa -b 4096

Then, copy the SSH key to the server with the command:

ssh-copy-id user@server.es

Now you can connect to the server without a password. Finally, install autossh and run the connection to the server to create the tunnel:

autossh -M 0 -fN -o "ServerAliveInterval 30" -i /path/id_rsa -L 3307:localhost:3306 user@server
Daniel
  • This only works on ssh servers which support ssh-copy-id, which I've found isn't default on, e.g. Bitvise SSH Server for Windows. For that you have to manually authorize your public key in the ssh server. *I should say, if you're on Windows to Windows you could try the Bitvise-specific feature on their client to do this task (https://www.bitvise.com/ssh-server-guide-public-key). – mathewguest Apr 15 '20 at 05:55
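
The key in the answer above has no passphrase, so whoever copies the file gets everything the server allows that key. As an added example (not part of the answer or its comments), this shell helper turns the public key into an authorized_keys entry that permits only the 3306 forward; the function name, the sample key and the /bin/false path are assumptions.

```shell
#!/bin/sh
# Added example: build a tunnel-only authorized_keys entry for an unencrypted key.
# Assumed names (not from the page): restrict_tunnel_key, SAMPLE_PUBKEY.

# Constructed sample public key line, truncated on purpose; not a real key.
SAMPLE_PUBKEY='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB tunnel@client'

# restrict_tunnel_key PUBKEY_LINE HOST:PORT
# Prints an authorized_keys line that allows forwarding to HOST:PORT only.
restrict_tunnel_key() {
    pubkey=$1
    target=$2

    # The target ends up inside a quoted option, so accept only host:port characters.
    case $target in
        ''|*[!A-Za-z0-9.:-]*) echo "bad forward target: $target" >&2; return 1 ;;
    esac
    host=${target%:*}
    port=${target##*:}
    case $port in
        ''|*[!0-9]*) echo "bad port in: $target" >&2; return 1 ;;
    esac
    [ -n "$host" ] || { echo "missing host in: $target" >&2; return 1; }

    # Accept a bare key line only, so existing options are never silently kept.
    case $pubkey in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not a bare public key line" >&2; return 1 ;;
    esac

    # restrict        : turn off pty, agent, X11 and all forwarding
    # port-forwarding : turn forwarding back on ...
    # permitopen      : ... but only towards the one tunnel destination
    # command         : any session request runs /bin/false (path is an assumption);
    #                   the answer's autossh line uses -N, so it never asks for one
    printf 'restrict,port-forwarding,permitopen="%s",command="/bin/false" %s\n' \
        "$target" "$pubkey"
}

# Entry for the answer's tunnel (-L 3307:localhost:3306); the output replaces the
# line that ssh-copy-id appended to ~/.ssh/authorized_keys on the server.
restrict_tunnel_key "$SAMPLE_PUBKEY" "localhost:3306"
```

The `restrict` option needs OpenSSH 7.2 or later on the server.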