The Awesome Program You Never Should Use article describes a Linux utility that I have found some times very useful, because it can be incredibly helpful. Conceptually, sshpass is a horrible, horrible program. It basically allows you to enter an SSH user name and password on the command line, so you can create a connection without any interaction from your scripts. SSH has intentionally tried to stop you from feeding name and password with normal Linux piping operations (for security reasons). SSH uses direct TTY access to make sure that the password is indeed issued by an interactive keyboard user, but sshpass manages to make itself to look like keyboard to SSH process.
A far better way to accomplish to start SSH connection from script is with public/private keypairs. sshpass is a horribly insecure method for entering passwords, but sometimes it is all the tool you need to use when you just can’t use public/private keypairs (usually due to IT people that should be looking for security not wanting to do this for some reason, so you need to use insecure methods like sshpass to pass their limitations to get the task done). But keep in mind that insecure sshpass+SSH is still much more secure than methods that do not use encryption at all (like ftp, telnet, http). For more details on sshpass usage, look at the sshpass manual page.
0 Comments
Be the first to post a comment.