[CLUE-Tech] Bash and password entry
Timothy C. Klein
teece at silverklein.net
Sun Mar 24 14:16:43 MST 2002
* Matt Gushee (mgushee at havenrock.com) wrote:
> Hi, all--
>
> I was wondering how you can handle password entry in a shell script.
> I was thinking about writing a script that would synchronize certain
> directories on 2 hosts, using scp ... obviously it would be nice not
> to have to enter a password/passphrase for each file copied, but I
> don't know how (or if) I could store a password in a variable and
> reuse it.
>
> I now realize that for this particular problem the easiest and probably
> best solution is just to run the script in an ssh-agent session. But
> I've thought in the past about automating various tasks that involve
> passwords, and there isn't always a convenient password-preserving
> shell available. Is there a utility you can call from bash to handle
> passwords?
You could use Expect, or you could write a 'here document' that
contained input for scp, including the password. This would involve
having your password lying around in plain text, though. I would
definitely go with ssh-agent. You can get a utility from the Gentoo
Linux guy called 'keychain'
http://www.gentoo.org/projects/keychain
You put a reference to this in your bash_login and xinit/xsession
scripts, and it will prompt you for a password once, if no ssh-agent is
running, and start one up. If ssh-agent is running, it will contact the
agent and set up bash/X to use that agent. The agent is long running,
it won't die unless you kill it. Makes your keys essentially
password-less, for hosts that you trust and allow exporting
authentication agent info.
Tim
--
==============================================
== Timothy Klein || teece at silverklein.net ==
== ---------------------------------------- ==
== "Hello, World" 17 Errors, 31 Warnings... ==
==============================================
More information about the clue-tech
mailing list