0

I'm new to bash scripting. I want to call a function from my script which will ssh into a remote computer (on my LAN) and run a command.

So far I have: 

function run_ssh_command {
    target_ip=$1
    username=$2
    password=$3
    cmd=$4

    ssh -l ${username} ${target_ip} ${password}
}

I invoke the function from the terminal as follows:

(Note: I give script_name, username and password "real" values when executing the function on my machine. 'ifconfig' is the command I want to run on the remote machine.)

source script_name.sh; run_ssh_command 192.168.X.Y username password ifconfig

Result: Running the above command will get me to the password prompt part of the login process (e.g. same as ssh username@192.168.X.Y)

Question: I want to handle the password entry automatically using the script. What is the "best" way to go about this, in general?

MarkMark
  • 583
  • 3
    Are keys rather than password an option for you? – Ikaros Apr 17 '18 at 10:52
  • 1
    @Ikaros No unfortunately keys are not an option for me. Additionally i'm too new a user to determine if this question will be deemed a "duplicate" of the other you linked to. However, I had tried the "solution" to that similar question and it did not work for me. – MarkMark Apr 17 '18 at 11:07
  • Maybe sshpass is an option for you. Usage is sshpass -p <PASSWORD> ssh user@host; in your case sshpass -p <PASSWORD> ssh user@host ifconfig. – mnille Apr 17 '18 at 11:59
  • @mnille Thanks but it won't do on this occasion unfortunately. I am seeking a way to either pass the password to the ssh command directly OR a method by which my script waits for the password prompt and then enters the password – MarkMark Apr 17 '18 at 12:29
  • https://stackoverflow.com/a/43526842/13317 – Kenster Apr 17 '18 at 14:38
  • See also ${variable_name} doesn’t mean what you think it does … – G-Man Says 'Reinstate Monica' Apr 17 '18 at 21:00
  • @G-Man My understanding is that it is parameter expansion. I just did a simple test to confirm (e.g. name="John"; echo ${name}; this will return the name John. I will do more research on it later though, thanks for your comment. – MarkMark Apr 18 '18 at 08:28
  • Perhaps I was too subtle.  The point is that (except when you’re concatenating other text) $user is just as good as ${user}.  And the other point is you should always quote your shell variable references (e.g., "$username" and "$target_ip") unless you have a good reason not to, and you’re sure you know what you’re doing.  This probably won’t be an issue for a user name or an IP address, … (Cont’d) – G-Man Says 'Reinstate Monica' Apr 18 '18 at 17:58
  • (Cont’d) …  but what if the password has a space in it (e.g., “correct  horse”)?  If you say password=$3 (where $3 is correct horse) and then you say ${password}, that will be treated as two separate arguments (correct followed by horse), rather than one argument with a space in it.  A word that contains * or ? can also cause problems.  This is commonly seen as a concern when you write a script that handles file names. – G-Man Says 'Reinstate Monica' Apr 18 '18 at 17:58

2 Answers2

0

You can use sshpass. However, this requires you to hardcode the password, which is in general unsafe and thus not recommended, but might be required in case you can't use RSA fingerprints.

Usage:

sshpass -p somepassword ssh user@host

If you have root access to the remote machine you should defenitely consider establishing RSA keys. This explains how it is setup.

telina
  • 1
  • Thanks, but this is not a suitable method for me at this time. If you notice in the original post when I call the function I pass it 4 arguments, of which one is the password. I am seeking a way to either pass the password to the ssh command directly OR a method by which my script waits for the password prompt and then enters the password – MarkMark Apr 17 '18 at 12:27
  • Well I do not know of any possibility of doing that, other than sshpass. You can use sshpass inside the script, all you have to do is install it. – telina Apr 17 '18 at 12:48
  • I think you do not understand this correctly. sshpass does forward the password directly to ssh. There is no way to stop the script and echo the password into the password prompt. The ssh command does not allow for this."ssh uses direct TTY access to make sure that the password is indeed issued by an interactive keyboard user. Sshpass runs ssh in a dedicated tty, fooling it into thinking it is getting the password from an interactive user. " (https://www.cyberciti.biz/faq/noninteractive-shell-script-ssh-password-provider/) – telina Apr 17 '18 at 12:56
0

Use this to run ssh from script: 

ssh -i {privateKey} -o StrictHostKeyChecking=no {userName}@{serverIp} "{command}"

Example:

ssh -i privateKey -o StrictHostKeyChecking=no user@127.0.0.1 "mkdir testFolder"

This command will create a test folder from script code.

mitesh sharma
  • 1
  • Thanks, I should have mentioned in the original post that I can't use keys to achieve this. I am seeking a way to either complete the login process directly (hostname, username, password) in one go OR some modification to the code shown in the original post whereby the script "sees" the password prompt and then enters the password argument. – MarkMark Apr 17 '18 at 12:25