How to automate SSH login with password?

Question

How to automate SSH login with password? I'm configuring my test VM, so heavy security is not considered. SSH chosen for acceptable security with minimal configuration.

ex)

echo password | ssh id@server

This doesn't work.

I remember I did this with some tricks somebody guided me, but I can't remember now the trick I used...

FreeBSD did not accept password-less keys. Don't be tempted. However some Linux servers accepted it. I believe the Linux server was misconfigured. — Eonil, Mar 01 '11 at 14:32
This is a valid question. For example, I want to allow a user to enter a password, then login in to another machine using it. I can't assume that there will be ssh keys distributed across all our machines. The answers below so far do not help this situation. — dfrankow, Apr 12 '12 at 16:30
http://unix.stackexchange.com/questions/38737/ssh-login-with-clear-text-password-as-a-parameter || http://unix.stackexchange.com/questions/38737/ssh-login-with-clear-text-password-as-a-parameter || http://stackoverflow.com/questions/233217/pass-password-to-su-sudo-ssh — Ciro Santilli OurBigBook.com, Nov 30 '15 at 21:24
Very important question. I need an answer too, my webspace provider blocks to put keyfiles on the server, so I must pass the passwort without keyfiles. — Radon8472, Jul 11 '18 at 13:45
Here is a purely bash answer, --- file starts --- #!/bin/bash [[ $1 =~ password: ]] && cat || SSH_ASKPASS="$0" DISPLAY=nothing:0 exec setsid "$@" --- file ends--- Save it as pass, do a chmod +x pass and then use it like this: $ echo mypass | ./pass ssh user@host — Shankara Narayana, Sep 14 '20 at 00:09
See also: [StackOverflow: Pass a password to ssh in pure bash](https://stackoverflow.com/questions/24454037/pass-a-password-to-ssh-in-pure-bash) — Gabriel Staples, Oct 26 '21 at 23:33
I **have** to use a password. Can a solution like that be offered too? — Charlie Parker, Nov 25 '22 at 20:21

weekens · Answer 1 · 2017-07-10T12:23:46.753

891

$ sudo apt-get install sshpass
$ sshpass -p your_password ssh user@hostname

edited Jul 10 '17 at 12:23

answered May 31 '13 at 09:08

weekens

9,063
2
15
9

75

Yup, sometimes you can't use key based auth for various reasons.. for example right now I can't use keyauth on a plesk server because out the box it's not enabled and I don't have root. – John Hunt Jul 04 '13 at 13:33
29

+1! As a side note, you need to run plain `ssh` once before using `sshpass`, in order to confirm the RSA fingerprint – user123444555621 Aug 02 '13 at 08:08
54

-1 for having to use the password in the command. This logs the password at `.bash_history` in plain text on your machine. – Apr 11 '14 at 21:18
1

Not sure, but usefull for your own virtual local servers management. Thank you! – ssoto Jan 13 '15 at 17:49
3

Try something like this `stty -echo; read -s -p "Enter ssh password : " PASSWORD_SSH; stty echo; sshpass -p y$PASSWORD_SSH ssh user@hostname;` in a bash script file to not have the password in the `.bash_history` – yunzen Apr 14 '15 at 07:33
25

@MisterDood You could run `history -r` after the command to erase your history. Good point though. – NuclearPeon May 14 '15 at 18:37
4

Here's a gist to install sshpass on OSX: https://gist.github.com/arunoda/7790979 – the Jun 09 '15 at 10:58
8

+1 because I couldn't care less that it is logged in `.bash_history`. Whatever. – Nick Manning Jun 21 '15 at 00:47
6

`sshpass -p 'your_password' ssh user@hostname -p portnumber` if your port differs from 22 – vladkras Jan 13 '16 at 10:44
10

@AlaskaWebHosting why not just `sshpass -p "$(cat ~/credentials/server01)" ssh user@server01`? – Adam K Dean Jan 13 '16 at 11:48
1

Note this sshpass won't take passphrases, but there is a fork that does: https://github.com/blue-sky-r/sshpass-p4k – Mahn Apr 12 '16 at 16:23
44

Pro tip: If you don't want to have a specific command show up in .bash_history, prefix the command with a space. It just works. However, users of this command should be more concerned that non-privileged users on the system can see the full command-line with ps, which, of course, includes the password. Since ssh sessions tend to be long-lived, this is a security issue. – CubicleSoft Jul 16 '16 at 15:47
10

If this is your first login you could use `-oStrictHostKeyChecking=no` to skip the host key checking. Example usage: `sshpass -p 'your_password' ssh -oStrictHostKeyChecking=no user@hostname uptime` – Lahmizzar Oct 12 '16 at 12:21
4

This should be the accepted answer – Deepak Mahakale Oct 25 '16 at 08:59
1

Thank you so much! I used it to brute force a SSH connection which I forgot the password (I remembered which letters and numbers I used but not the form). – Adrian Antunez Jul 04 '17 at 18:51
1

+1 did not work for me but attempts to answer the question – josinalvo Nov 30 '17 at 16:23
4

I like @yunzen comment, you can read the $PASSWORD_SSH variable from a file or as a result of another command, for example: `source .env; sshpass -p $PASSWORD_SSH ssh user@hostname` – emont01 May 09 '19 at 18:10
mac users use macports not homebrew for this one – Samie Bencherif Jul 29 '19 at 02:49
Please read the **SECURITY NOTE** on `sshpass` [package description](https://packages.debian.org/stretch/sshpass). – Pablo A Aug 01 '19 at 04:46
6

Just use `sshpass -f PWFILE ssh user@host` which takes the password directly from the file – clemisch Aug 17 '19 at 18:01
Great! To stay away from history thing, i wrote command in executable file and i'm running that. I know its not much secured, but its good than having it to visible as a plain text in a history. – Ravi Dhoriya ツ Apr 16 '20 at 15:57
Not working for me! – Nam G VU Sep 25 '20 at 07:07
This should be the accepted answer to me! – Nam G VU Jun 01 '21 at 12:54
1

`E: Unable to locate package sshpass`. This only works on default Debian/Ubuntu. Not all derivatives need to contain this package. – Tino Jun 29 '21 at 14:36
1

thank you for actually answering the question, I know about ssh keys, but sometimes I just have to access poorly managed servers. – Magus Jan 06 '22 at 16:49
can't I pass my password to the other command using ssh without a passphrase? I just want to use my password. – Charlie Parker Nov 25 '22 at 20:22
echo 'password' | sshpass -f /dev/stdin ssh user@somehost command – anthony Apr 06 '23 at 03:00

score 629 · Accepted Answer · edited Oct 06 '21 at 20:10

629

Don't use a password. Generate a passphrase-less SSH key and push it to your VM.

If you already have an SSH key, you can skip this step… Just hit Enter for the key and both passphrases:

$ ssh-keygen -t rsa -b 2048
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.

Copy your keys to the target server:

$ ssh-copy-id id@server
id@server's password:

Now try logging into the machine, with ssh 'id@server', and check-in:

.ssh/authorized_keys

Note: If you don't have .ssh dir and authorized_keys file, you need to create it first

to make sure we haven’t added extra keys that you weren’t expecting.

Finally, check to log in…

$ ssh id@server

id@server:~$

You may also want to look into using ssh-agent if you want to try keeping your keys protected with a passphrase.

edited Oct 06 '21 at 20:10

Community

1

answered Mar 01 '11 at 11:17

Cakemox

25,209
6
44
67

25

I finally decided using key pairs. Because I realized that's the most simple way. – Eonil Mar 01 '11 at 12:49
9

@Eonil: Don't be tempted to use keys without a pass phrase. Learn how to use ssh-agent or pageant. – user9517 Mar 01 '11 at 13:20
@Iain Wow. I tempted, and refused already :) Linux server accepted the password-less keys but FreeBSD did not. I'm connecting from Mac, and I believe the password input GUI does same thing ssh-agent does. Because it does not ask anymore they once asked. – Eonil Mar 01 '11 at 14:30
2

`ssh-copy-id` doesn't accept password from STDIN either. When you have to log in just once for the sake of creation of a new su, uploading its pubkey and restricting logins to keys and restricting root login, it doesn't make sense to upload pubkey for root. – phil pirozhkov Nov 03 '12 at 14:05
4

If your computer doesn’t have `ssh-copy-id`, [this snippet](http://www.commandlinefu.com/commands/view/9379/copy-your-ssh-public-key-to-a-server-from-a-machine-that-doesnt-have-ssh-copy-id) (which sends the key by piping to `ssh`) is equivalent. Alternatively, on Mac OS X, install `ssh-copy-id` using [Homebrew](http://mxcl.github.com/homebrew/): `brew install ssh-copy-id`. – Rory O'Kane Mar 25 '13 at 17:44
3

I think the answer with sshpass is the correct one since the question being asked explicitly states "with password". – jnvilo Jun 28 '13 at 07:57
301

This is a good answer, but not the correct answer to the question. – John Hunt Jul 04 '13 at 13:34
dont forget the single quote in command: ssh 'id@server' – Yuming Cao Jun 20 '14 at 18:39
Nope. Plainly doesn't work. – Joe Oct 27 '14 at 14:55
1

Just a side note: on OSX, ssh-copy-id can be installed over Homebrew. – Arda Dec 16 '14 at 13:18
1

this is a very helpful answer. i normallyu follow the puttygen instructions. this helped greatly – Brian Thomas Apr 25 '15 at 02:35
206

These kinds of answers really, really annoy me. That wasn't the question. Nobody asked how to use key pairs. – Matt Fletcher Jun 16 '16 at 12:41
8

I’m with John Hunt. Best-practice, best for general-purpose use-cases, the asker was happy with it… yes, in general, this *is* what you want to be doing, but it’s not actually the answer to the question as-stated: it's an alternative solution that bypasses the asker’s problem rather than solving it. Sadly, not everyone is lucky enough to be able to do that. I think this answer could have been much better if it were of the form: “Here's how you can do what you’ve asked for: …BUT, if you can avoid that, you should, because , and because is safer/a best-practice.” – Mark G. Aug 31 '16 at 19:17
4

One issue with this solution - if the device does not support passwordless authentication (such as many SANs or dedicated hardware devices) this approach won't work. – Matthew Sep 01 '16 at 23:52
80

This does not answer the question. It is a good answer for a completely different question, but it is terrible for the one asked. – srchulo Jan 04 '17 at 20:42
2

There are use cases when ssh with a plaintext password on the command line is not irresponsible. I have docker containers I use for development. Nobody except me on my dev machine can even get to the docker containers via networking. Setting up private keys for every local dev docker deployment is not a good use of time. – steampowered Aug 06 '17 at 00:30
2

@MattFletcher Sometimes the correct answer is "your question is wrong. Here's what you should have asked, and here's the answer to *that*." – Jon McClung Mar 21 '19 at 17:01
4

This is the correct answer to the wrong question... – DimiDak May 28 '19 at 12:21
48

Can we make a collective effort to stop answering "how-to" questions with "don't do that" ? – Samie Bencherif Jul 29 '19 at 02:07
4

Hey dude, all these people are hating on you for answering the question and getting accepted lol. this is exactly what i was looking for and same with at least 422 other people, keep answering questions like this because it was a great answer. – Nikita Jerschow May 15 '20 at 02:27
1

Use ssh **-i ~/.ssh/id_rsa_your_key** root@server to specify a different ssh key – James Bond Aug 14 '20 at 11:25
5

This doesn't answer the question. – user234461 Nov 24 '20 at 14:53
4

This doesn't answer the question. The answer should never have been accepted and it ought to be moved to a different question 'How can I avoid having to automate supplying a password when logging in with SSH?' The only reason I'm here is because I wanted an answer to the actual question being asked. – reinierpost May 27 '21 at 17:15
2

**This is a terrible answer.** It is missing a warning boilerplate that **this must not be done on insecure machines** (most machines are insecure by default). If intruders get hold on this unprotected privat key, changing the password on the remote does no more lock them out. If you protect the pubkey with a passphrase you replace passwords by passphrases, which are the same thing. And an ssh-agent is a security nightmare if used inproperly, which is the case most time. **This answer directly leads you into security hell if you do not already know better. YOU HAVE BEEN WARNED!** – Tino Jun 29 '21 at 14:31
`ssh-copy-id id@server` will copy all of your locally saved keys to the server... – bomben Jul 07 '21 at 10:57
Why not use a password? Current public-key cryptography seems easy to break with quantum computers, so it's probably already obsolete – étale-cohomology May 05 '22 at 13:31
I use SSH to log into customers' servers. If I install trusted public key into their SSH, security alert is triggered, and antivirus removes authorized_keys. Because otherwise someone can still access their server even after they change password (after my freelance job is over), and that may be not what they want – OCTAGRAM Nov 19 '22 at 13:54
2

I **have** to use a password. Can a solution like that be offered too? – Charlie Parker Nov 25 '22 at 20:21
in case your IT Dept provide you a server with ssh port other than 22: `ssh-copy-id -p {PORT} user@host` – Luke Jan 06 '23 at 07:48
@étale-cohomology What a joke – Johan Boulé Mar 03 '23 at 09:19
It is better to answer the question and help them do what they ask and then also mention that this might be not such a good idea.. but then again, everyone is free to answer a question here in multiple ways, that's why stackoverflow doesn't delete the other answers once one answers has been marked as the accepted one. – Henry van Megen Mar 03 '23 at 09:48
All these steps were not sufficient for direct accessing a OpenSSH service onto a Windows host. I also add to edit ***C:\ProgramData\ssh\sshd_config*** file as reported in [link](https://superuser.com/questions/1510227/authorized-keys-win-10-ssh-issue) in order to securely connecting to the Windows server with non pwd. – luisa rosi Apr 10 '23 at 22:31
1

I need the password answer too. I need to log into Enterprise remote access controller cards that only accept passwords for ssh authentication. – majorgear Apr 14 '23 at 22:46

lzap · Answer 3 · 2021-12-06T11:11:23.677

123

While the correct answer for your question is sshpass (see other answer for details), there is a more secure way - SSH keys. You are just three easy steps away from the solution:

All the following commands are being run on the client side, i.e. your machine

Enter the following command to start generating a rsa keypair:

# ssh-keygen

When the message 'Enter file in which to save the key' appears, just leave the filename blank by pressing Enter.

When the terminal asks you to enter a passphrase, just leave this blank (Warning: read below) too and press Enter.

Then copy the keypair onto the server with one simple command:

# ssh-copy-id userid@hostname

you can now log in without a password:

# ssh userid@hostname

WARNING: Leaving SSH keys exposed without encrypting them is a not good practice even if you encrypt your whole drive. What is much safer is to actually enter a passphrase when generating keys and then use Keychain (MacOS, Linux) or SSH agent to remember the passphrase until you signout or suspend or timeout, depending on what you prefer.

edited Dec 06 '21 at 11:11

answered Nov 14 '11 at 12:57

lzap

2,882
2
23
23

2

Works fine with the default values. Using ~/rsa4live.pub didn't work for me when attempting `ssh-copy-id`. – Cees Timmerman Jun 04 '15 at 10:08
1

If you want this steps to work for different user, 1. ssh-keygen 2. ssh-copy-id nazir@hostname 3. ssh nazir@hostname – Venfah Nazir Jun 17 '16 at 10:23
2

For me it was `ssh-copy-id -i ~/.ssh/tatu-key-ecdsa user@host` – Gabriel Fair Sep 08 '17 at 21:47
58

This isn't an answer to the question. – Steve Bennett Nov 27 '17 at 23:10
6

And? The answer is above, sshpass... – lzap Nov 30 '17 at 16:21
1

will this overwrite any keys on the remote server? – Alexander Mills Aug 01 '19 at 21:03
1

No it adds to existing list. – lzap Aug 15 '19 at 12:59
Work for me while the selected answer didn't. – Herman Toothrot Feb 03 '20 at 09:35
"Enter the following command to start generating a rsa keypair:" where do I enter that command, in the server or in the client? – M.E. May 06 '20 at 07:25
Well, it now wants the password for ssh key :D beautiful :D the problem is not solved but we added a new layer of complexity! what an amazing solution! (Don't tell me that we can start ssh-agent and so on) that's not a solution, I want to start from my home computer to my home server with access to the internet, so this answer is not appropriate – Nusrat Nuriyev Apr 20 '21 at 10:26
**WARNING!** If you are new to `ssh` and public keys, do not fall into the trap of thinking that adding keys to a login makes it more secure than with a password! In contrast it makes it less secure! `ssh`-keys are only more secure if (a) you get rid of passwords (else you keep the insecurity of passwords, so insecurity can only rise!) and (b) you already know what you are doing (so you normally do not need that answer at all because you already know it better) and (c) everything is used and secured properly (which is much more difficult than with passwords alone if you are not used to it). – Tino Jun 29 '21 at 14:42
This is awesome!! Sometimes, taking the time to do it right makes a lot of sense. – Gogol Aug 22 '21 at 11:22
1

@tino absolutely it is not recommended to leave your SSH keys exposed. Instead, use ssh-agent or feature of any good OS (Linux, MacOS) - keychain. It will automatically remember your SSH keys passphrase once you enter it in the morning or after resume. Then it is totally safe. – lzap Dec 06 '21 at 11:08
1

Dropped a warning about this. – lzap Dec 06 '21 at 11:11
can't I pass my password to the other command using ssh without a passphrase? I just want to use my password. – Charlie Parker Nov 25 '22 at 20:22
And if the device doesn't support ssh key authentication? No other options? – majorgear Apr 14 '23 at 22:48
# no prompt `ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa` – seunggabi Jul 16 '23 at 05:53

ooshro · Answer 4 · 2011-03-01T12:41:59.040

62

Use expect:

#!/usr/bin/expect -f
#  ./ssh.exp password 192.168.1.11 id
set pass [lrange $argv 0 0]
set server [lrange $argv 1 1]
set name [lrange $argv 2 2]

spawn ssh $name@$server
match_max 100000
expect "*?assword:*"
send -- "$pass\r"
send -- "\r"
interact

Example:

# ./1.ex password localhost ooshro
spawn ssh ooshro@localhost
ooshro@localhost's password: 
Linux ubuntu-1010-server-01 2.6.35-25-generic-pae #44-Ubuntu SMP Fri Jan 21 19:01:46 UTC 2011 i686 GNU/Linux
Ubuntu 10.10

Welcome to Ubuntu!
 * Documentation:  https://help.ubuntu.com/
Last login: Tue Mar  1 12:41:12 2011 from localhost

edited Mar 01 '11 at 12:41

answered Mar 01 '11 at 11:08

ooshro

11,134
1
32
31

2

It worked but it can't print stdout of remote machine. – Eonil Mar 01 '11 at 12:41
it works well for some machine can't put the key in advance since IP address is changed everytime. – larrycai Dec 19 '12 at 06:14
4

it will be good to add `-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null` for ssh command as well to avoid accept the machine into known_hosts – larrycai Dec 19 '12 at 06:15
1

B.. b but muh ssh keys... – Damien Jun 01 '17 at 05:50
More detailed example of this script you can find at: https://linuxaria.com/howto/2-practical-examples-of-expect-on-the-linux-cli This examples here should work with remote commands too – Radon8472 Jul 11 '18 at 13:39
This should be the accepted answer. Because it works most of the time. If not, because `expect` is missing on your machine, there are tons of variants you can use instead. One nearly always works: https://en.wikipedia.org/wiki/Expect – Tino Jun 29 '21 at 14:55
I can't install expect but do have access to ssh. Can't ssh send the password to the other command I'm trying to run? `echo $SU_PASSWORD | /afs/cs/software/bin/reaut` – Charlie Parker Nov 25 '22 at 20:23

score 58 · Answer 5 · answered Dec 20 '18 at 21:35

SSH single sign-on is usually achieved with public key authentication and an authentication agent. You could easily add your test VM key to an existing auth agent (see example below). Other methods such as gssapi/kerberos exist but are more complex.

sshpass

In situations where password is the only authentication method available, sshpass can be used to automatically enter the password. Please pay particular attention to the SECURITY CONSIDERATIONS section of the man page. In all three options, the password is visible or stored in plaintext at some point:

Anonymous pipe (recommended by sshpass)

# Create a pipe
PIPE=$(mktemp -u)
mkfifo -m 600 $PIPE
# Attach it to file descriptior 3
exec 3<>$PIPE
# Delete the directory entry
rm $PIPE
# Write your password in the pipe
 echo 'my_secret_password' >&3
# Connect with sshpass -d
sshpass -d3 ssh user@host

# Close the pipe when done
exec 3>&-

It is quite cumbersome in bash, arguably easier with programming languages. Another process could attach to your pipe/fd before the password is written. The window of opportunity is quite short and limited to your processes or root.

Environment variable

# Set your password in an environment variable
 export SSHPASS='my_secret_password'
# Connect with sshpass -e
sshpass -e ssh user@host

You and root can read your process' environment variables (i.e. your password) while sshpass is running (cat /proc/<pid>/environ | tr '\0' '\n' | grep ^SSHPASS=). The window of opportunity is much longer but still limited to your own processes or root, not other users.

Command-line argument (least secure)

 sshpass -p my_secret_password ssh user@host

This is convenient but less secure as described in the man page. Command line arguments are visible to all users (e.g. ps -ef | grep sshpass). sshpass attempts to hide the argument, but there is still a window during which all users can see your password passed by argument.

Side note

Set your bash HISTCONTROL variable to ignorespace or ignoreboth and prefix your sensitive commands with a space. They won't be saved in history.

SSH public key authentication

# Generate a key pair
# Do NOT leave the passphrase empty
ssh-keygen
# Copy it to the remote host (added to .ssh/authorized_keys)
ssh-copy-id user@host

The passphrase is very important. Anyone somehow obtaining the private key file won't be able to use it without the passphrase.

Setup the SSH authentication agent

# Start the agent
eval `ssh-agent`
# Add the identity (private key) to the agent
ssh-add /path/to/private-key
# Enter key passphrase (one time only, while the agent is running)

Connect as usual

ssh user@host

The advantage is that your private key is encrypted and you only need to enter its passphrase once (via a safer input method too).

If you really can't resist answering "don't do that", *this* is how you should do it! Answer the *actual question* and then throw in your unsolicited advice at the end. Good job @nrolans. — Timmmm, Dec 18 '19 at 10:59
sshpass is not an option - there is not such thing in git bash. it should be installed — Nusrat Nuriyev, Apr 20 '21 at 10:32
I can't install expect but do have access to ssh. Can't ssh send the password to the other command I'm trying to run? `echo $SU_PASSWORD | /afs/cs/software/bin/reaut` — Charlie Parker, Nov 25 '22 at 20:24
What is the difference in security between using `-d` with anonymous pipe (`gpg -dq pwd.encrypted >&3` as shown above, and `sshpass -f <(gpg -dq pwd.encrypted) ssh host`? AFAIK process substitution creates an anonymous pipe. — nyg, Feb 25 '23 at 01:35

score 35 · Answer 6 · answered Jul 09 '18 at 13:15

35

I am surprised nobody mentioned plink from the putty-tools package in Ubuntu:

plink user@domain -pw mypass  [cmd]

It also available on Windows and the syntax is mostly compatible with the openssh client.

answered Jul 09 '18 at 13:15

eadmaster

827
9
6

4

For windows your answer is good, unfurtunally linux / unix user usually dont have plink – Radon8472 Jul 11 '18 at 13:48
8

it is in the `putty-tools` package – eadmaster Sep 14 '18 at 16:14
3

Depending on your circumstances, this is still deeply insecure. Passwords on the command line are visible in the process list and might be logged by your shell. – antiduh Oct 30 '19 at 21:29
sure it is insecure, btw nothing is stopping you from store and read the password from the [KDE Wallet](https://wiki.archlinux.org/index.php/KDE_Wallet#Query_passwords_from_the_terminal) (or GNOME Keyring), or another password manager. – eadmaster May 08 '20 at 15:57
I don't have plink :( but I do have ssh and need to use my password. – Charlie Parker Nov 25 '22 at 20:25
any body can download plink executable from this page https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html – M.R.T Jan 02 '23 at 12:04

score 22 · Answer 7 · edited May 25 '16 at 01:53

22

This might not be any use to you, but you can do it with Perl:

\#!/usr/bin/perl  
use warnings;  
use strict;  

use Net::SSH::Perl;  
my $host = 'remote.serv.er';  
my $user = 'root';  
my $pass = 'hunter2';  
my $ssh = Net::SSH::Perl->new('$host');  
$ssh->login('$user', '$pass') or die "Oh noes! $!";

edited May 25 '16 at 01:53

kaiser

1,251
1
16
24

answered Mar 01 '11 at 11:52

James L

6,025
1
22
26

3

Likewise, you can do with this Ruby https://github.com/net-ssh/net-ssh – EnabrenTane Jun 17 '13 at 23:47

score 9 · Answer 8 · answered Jan 11 '20 at 23:26

9

I prefer passh https://github.com/clarkwang/passh

sshpass is broken by design.

when the ssh server is not added already in my known_hosts, sshpass will not show me the message to add the server to my known hosts, passh do not have this problem.

Login to a remote server:

$ passh -p password ssh user@host

answered Jan 11 '20 at 23:26

Badr Elmers

266
2
6

1

How to install on mac osx? – PKHunter Mar 15 '22 at 21:53
@PKHunter the github repo says it works in mac os too, so you have to compile it first, this is what I did in windows too. I do not use mac os so cannot tell you how to compile there , but google can help you, it is one file so easy to compile. – Badr Elmers Mar 16 '22 at 06:44
@PKHunter it does work on macOS. Here's a 1-liner: `git clone https://github.com/clarkwang/passh && cd passh && cc -o passh passh.c && cp passh /usr/local/bin` – luckman212 Jul 14 '23 at 14:57

score 6 · Answer 9 · answered Nov 22 '18 at 08:30

6

Depending on your automation needs, perhaps Ansible would be a good fit for you. It can nicely manage things like prompting for password, prompting for sudo password, various ways of changing use, securely using encrypted secrets (vault).

If that’s not suitable, I would suggest Expect, as suggested in another answer.

answered Nov 22 '18 at 08:30

Cameron Kerr

4,069
19
25

5

Using Ansible for simple `ssh` automation is like using a caterpillar to perform a headstand on a steeple. Yes, [you can do it](https://youtu.be/t5mn_upy-w8), but .. – Tino Jun 29 '21 at 15:36