Use sshpass to automate password based ssh logins

On some systems the SSH server only allows keyboard-interactive password logins. The sshpass util can be used to emulate an interactive keyboard login even if it is run in non interactive mode.

Before you use the sshpass command to automate ssh logins you should try to enable the public key authentication. The public key authentication should be preferred over passwords.

Installation

First of all you have to install sshpass. At the time of writing it is available from the package repository of many popular linux distributions. In the example below you can see how to install it on a Debian or Ubuntu system.

$ sudo apt-get install sshpass

Command-line

After the installation has been completed successfully you can use ssh in combination with sshpass to login.

sshpass -p 'my_password' ssh test@1.2.3.4

If you have to use sshpass you should not use the command as shown in the example above. If a other users can run the ps command or any other command to list the running process he or she will be able to find out you password. You can find an example in the listing below.

$ ps aux | grep sshpass
user   11224  0.0  0.0  12972  1980 pts/1    S+   23:01   0:00 sshpass -p zzzzzzzzzzz ssh test@1.2.3.4

Environment variables

It is also possible to provide the password by setting the SSHPASS environment variable. You can see how to do this in the example below.

export SSHPASS=my_password
sshpass -e ssh ADMIN@1.2.3.4

File

The sshpass util can also read the password from a file. Just check out the example below.

sshpass -f password.file ssh ADMIN@1.2.3.4

Real world example

In the article Use Supermicros IPMI and SSH to power on a serve you can find some information on how to start a server using the IPMI. The main issue is that it does not support key based authentication. That's why we have to use sshpass tool.

echo 'start /system1/pwrmgtsvc1' | sshpass -f /root/.test.pw ssh -T ADMIN@1.2.3.4

Links

Related articles