0

I'm trying to run a remote command using SSH in a script. Host1 is connecting to Host2 to run a command.

I've set up the public keys between the two hosts so I don't need to use a password to make the ssh connection.

However, the key for Host1 was generated using a passphrase so SSH is still prompting for that passphrase when I try to SSH.

Is there any way to specify this passphrase so that my script can execute the command?

I know I can re-generate the key and choose not to use a passphrase; but I'm wondering if it is at all possible to use a passphrase and run ssh from a script?


I tried setting the SSH_ASKPASS environment variable as described here but that did not work. I'm assuming it only uses that variable for the password and not for the passphrase?

FGreg
  • 235
  • 2
    If you start up an ssh-agent and then ssh-add your key, you'll have to give the passphrase once, but the subsequent ssh commands will not require interaction. – glenn jackman Sep 18 '15 at 18:19
  • 1
    @glenn jackman said it all. You either want manual check for password every time (and no password/passphrase in script). Or no manual prompt, use a passphrase-less key pair (and automatic connection for whoever hijacks computer/user). – Archemar Sep 19 '15 at 08:56
  • If the script needs to run without a passphrase then effectively it means that you need an unencrypted key somewhere accessible to it. If you want to maintain the passphrase to stop user access while allowing the script, ssh-agent is probably best, or set up a separate key the script has permission to use but the user doesn't. Won't stop a root user, though. – mykel Sep 20 '15 at 12:58
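
The ssh-agent approach from the comments above, as an added example that is not part of the original thread: the passphrase is typed once into `ssh-add`, and the script only checks that the agent holds a key before connecting. The function names `agent_state` and `run_remote` and the socket path `~/.ssh/agent.sock` are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not code from the thread. Names and the socket path are constructed.
#
# One-time interactive setup (the passphrase is typed here, never stored in the script):
#   ssh-agent -a "$HOME/.ssh/agent.sock"
#   SSH_AUTH_SOCK="$HOME/.ssh/agent.sock" ssh-add ~/.ssh/id_rsa
# The decrypted key then lives only in the agent's memory; anyone who can
# reach the socket (the same user, or root) can use it while the agent runs.

# Use the inherited agent if there is one, otherwise the fixed socket (assumed path).
: "${SSH_AUTH_SOCK:=$HOME/.ssh/agent.sock}"
export SSH_AUTH_SOCK

# Classify the agent using ssh-add's exit status:
#   0 = identities loaded, 1 = agent reachable but empty, 2 = agent unreachable.
agent_state() {
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo loaded ;;
        1) echo empty ;;
        *) echo unreachable ;;
    esac
}

# Run a command on a remote host without any chance of an interactive prompt.
# BatchMode=yes makes ssh fail instead of asking for a passphrase or password,
# so an unattended job errors out rather than hanging.
run_remote() {
    host=$1
    shift
    state=$(agent_state)
    if [ "$state" != loaded ]; then
        echo "ssh-agent is $state: run ssh-add interactively once, then retry" >&2
        return 3
    fi
    ssh -o BatchMode=yes "$host" "$@"
}

# Stand-alone use: ./remote.sh user@Host2 'uptime'
if [ "$#" -gt 0 ]; then
    run_remote "$@"
fi
```

The agent has to be restarted and the key re-added after a reboot, which is the point at which a human supplies the passphrase again.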

1 Answer

0

It is possible to create scripts using the expect command. It was specifically designed to handle these situations.

Note that you will have to store your passphrase somewhere in clear text in your script.

I use it to log in to some remote servers without having to type my password for the remote machines.

NZD
  • 2,630