FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 11-11-2008, 08:42 AM
"Fajar Priyanto"
 
Default Can expect do this?

Hi all,
I'm trying to scp some files from machine1 to machine2.
But, I'm in an environment where PubKeyAuthentication is not allowed in ssh
So, I'm confused how to automate it as cronjob.
However, I read somewhere that we can write a little bash script that
will utilize 'expect' to answer for the ssh password prompt?
Can we do this?
Any examples are great help.
Thank you.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-11-2008, 08:49 AM
John R Pierce
 
Default Can expect do this?

Fajar Priyanto wrote:

Hi all,
I'm trying to scp some files from machine1 to machine2.
But, I'm in an environment where PubKeyAuthentication is not allowed in ssh



you really should convince whomever has made that boneheaded decision
that its a lot MORE secure than requiring you to put the password in
plaintext scripts



So, I'm confused how to automate it as cronjob.
However, I read somewhere that we can write a little bash script that
will utilize 'expect' to answer for the ssh password prompt



dunno, never tried. seems to have a nice long man page with lots of
examples.



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-11-2008, 08:55 AM
"Filipe Brandenburger"
 
Default Can expect do this?

Hi,

On Tue, Nov 11, 2008 at 04:42, Fajar Priyanto <fajarpri@arinet.org> wrote:
> But, I'm in an environment where PubKeyAuthentication is not allowed in ssh
> So, I'm confused how to automate it as cronjob.

Before you start, consider enabling public keys or requesting that to
your sysadmin, since using them is much more secure than storing your
passwords in text scripts.

> However, I read somewhere that we can write a little bash script that
> will utilize 'expect' to answer for the ssh password prompt?
> Can we do this?

Yes.

> Any examples are great help.

Google is your friend.
http://bash.cyberciti.biz/security/expect-ssh-login-script/

(DISCLAIMER: I haven't tested the script above. Google it yourself if
you want to see others.)

HTH,
Filipe
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-11-2008, 12:03 PM
Barry Brimer
 
Default Can expect do this?

Hi all,
I'm trying to scp some files from machine1 to machine2.
But, I'm in an environment where PubKeyAuthentication is not allowed in ssh
So, I'm confused how to automate it as cronjob.
However, I read somewhere that we can write a little bash script that
will utilize 'expect' to answer for the ssh password prompt?
Can we do this?
Any examples are great help.
Thank you.


Use autoexpect. It will write the expect script for you. I can't think
of any reason why this wouldn't work.


Barry
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-11-2008, 12:14 PM
Fajar Priyanto
 
Default Can expect do this?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Filipe Brandenburger wrote:
> Hi,
>
> On Tue, Nov 11, 2008 at 04:42, Fajar Priyanto <fajarpri@arinet.org> wrote:
>> But, I'm in an environment where PubKeyAuthentication is not allowed in ssh
>> So, I'm confused how to automate it as cronjob.
>
> Before you start, consider enabling public keys or requesting that to
> your sysadmin, since using them is much more secure than storing your
> passwords in text scripts.
>
>> However, I read somewhere that we can write a little bash script that
>> will utilize 'expect' to answer for the ssh password prompt?
>> Can we do this?
>
> Yes.
>
>> Any examples are great help.
>
> Google is your friend.
> http://bash.cyberciti.biz/security/expect-ssh-login-script/

Thanks guys,
Yes, I agree keybased ssh is much more secure right.
Let see what I can do.

- --
Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial
http://linux2.arinet.org
13:10:54 up 5:02, 2.6.24-18-generic GNU/Linux
Let's use OpenOffice. http://www.openoffice.org
The real challenge of teaching is getting your students motivated to learn.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJGYVOj17uLfLguNoRArr8AJoCdClNxK4rtbDMlw4bql fogGefJACfYUWw
iweB0QiIxmjdLNxCVKajafg=
=46JV
-----END PGP SIGNATURE-----
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-11-2008, 03:58 PM
MHR
 
Default Can expect do this?

On Tue, Nov 11, 2008 at 5:03 AM, Barry Brimer <lists@brimer.org> wrote:
>
> Use autoexpect. It will write the expect script for you. I can't think of
> any reason why this wouldn't work.
>

It probably will, but there are severe security issues with this sort
(plain text passwords) of approach. I try to avoid those like the
plague they can turn out to be, usually when you least expect or need
it.

mhr
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-11-2008, 04:25 PM
Barry Brimer
 
Default Can expect do this?

Quoting MHR <mhullrich@gmail.com>:

> On Tue, Nov 11, 2008 at 5:03 AM, Barry Brimer <lists@brimer.org> wrote:
> >
> > Use autoexpect. It will write the expect script for you. I can't think of
> > any reason why this wouldn't work.
> >
>
> It probably will, but there are severe security issues with this sort
> (plain text passwords) of approach. I try to avoid those like the
> plague they can turn out to be, usually when you least expect or need
> it.

There are no doubt severe security issues with this method, but the OP stated
that key-authenticated sessions were not permissible. He would be better off
encouraging the powers that be to allow key-authenticated session.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-11-2008, 04:44 PM
MHR
 
Default Can expect do this?

On Tue, Nov 11, 2008 at 9:25 AM, Barry Brimer <lists@brimer.org> wrote:
>
> There are no doubt severe security issues with this method, but the OP stated
> that key-authenticated sessions were not permissible. He would be better off
> encouraging the powers that be to allow key-authenticated session.

Absolutely!

Actually, the devious mind latches onto this discussion and prompts
the OP to provide a demonstration....

Non-destructive, of course....

;^)

mhr
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 11-11-2008, 05:31 PM
Greg Bailey
 
Default Can expect do this?

Fajar Priyanto wrote:

Hi all,
I'm trying to scp some files from machine1 to machine2.
But, I'm in an environment where PubKeyAuthentication is not allowed in ssh
So, I'm confused how to automate it as cronjob.
However, I read somewhere that we can write a little bash script that
will utilize 'expect' to answer for the ssh password prompt?
Can we do this?
Any examples are great help.
Thank you.



I would concur with everyone else who says you really should be using
public keys for this sort of thing. But, another option, if you're
really forced to use it, is to set the SSH_ASKPASS environment variable
to a program that spits out the password, and then ssh will use that for
the password instead of prompting the user for it. (See 'ssh' man page)...


Definitely not recommended, for all the reasons stated in replies to
this thread...


-Greg

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 04:58 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org