Find the answer to your Linux question:
Results 1 to 7 of 7
How can I connect to server via SSH without password being asked (and no public-private keys)? I did try (and failed): echo password | ssh username@host It still asks for ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2006
    Posts
    3

    Question SSH and passwords


    How can I connect to server via SSH without password being asked (and no public-private keys)?

    I did try (and failed):
    echo password | ssh username@host
    It still asks for the password...

    Facts:
    - I need this for an rsync script like this: rsync.exe -rvz -e ssh localpath username@host:remotepath
    - I didn't find that rsync supports anything else but ssh and rsh, therefore I'm stuck with the ssh.
    - The server I need to connect to security policy restricts ssh private-public key authorization. And I can not change that.
    - I don't care that this password is being stored plaintext on my computer.

    Any ideas or suggestions?

  2. #2
    Linux User DThor's Avatar
    Join Date
    Jan 2006
    Location
    Ca..na...daaa....
    Posts
    319
    AFAIK you're stuck. You need keys to do this with ssh, or else you have to enter your password, or use rsh(ech), all of which you say are non-options.

    I'm assuming you know all about setting up the key system - I would pressure the server guys to let you do that. It's pretty damned safe and just requires two files in a home directory on the server.

    DT

  3. #3
    Linux Enthusiast
    Join Date
    Aug 2005
    Location
    Hell
    Posts
    514
    Many scripting languages, like Perl, PHP, etc. have libraries/modules that implement SSH and will let you connect using a password.

  4. $spacer_open
    $spacer_close
  5. #4
    Linux User DThor's Avatar
    Join Date
    Jan 2006
    Location
    Ca..na...daaa....
    Posts
    319
    That would require control on the server side, though, wouldn't it? Given their not even letting him store a couple of config files in .ssh, I'm not sure that's likely. In the end, authentication has to happen on the server side when you're trying to upload to it. It would be a far more significant security hole on the server giving him scripting library access than simply supporting ssl.

    DT

  6. #5
    Just Joined!
    Join Date
    Feb 2006
    Posts
    3
    I modified the ssh source code (openssh 4.3p1-2) adding a password parameter for the authentication mode "password".
    ssh connection can be opened like this now:
    ssh -o PreferredAuthentications=password -z mypassword user@host
    So, now what can do is:
    rsync -rvz -e "ssh -o PreferredAuthentications=password -z mypassword" localpath username@host:remotepath
    Yes, the secureness of it is close to zero. But I don't need much security in this case. What I needed was to get the rsync to work and I did it.

    Btw, if anyone else is interested in having the password option (but if you really need it, because it's unsecure!), here's the changes I made:

    ssh.c
    ---was---
    " [-w tunnel:tunnel] [user@]hostname [command]\n"
    ---new---
    " [-w tunnel:tunnel] [-z login_pass] [user@]hostname [command]\n"


    ssh.c
    ---was---
    while ((opt = getopt(ac, av,
    "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S: TVw:XY")) != -1) {
    ---new---
    while ((opt = getopt(ac, av,
    "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S: TVw:XYz:")) != -1) {


    ssh.c
    ---was---
    case 'l':
    options.user = optarg;
    break;
    ---new---
    case 'l':
    options.user = optarg;
    break;
    case 'z':
    options.password = optarg;
    break;


    readconf.h
    ---was---
    char *user; /* User to log in as. */
    ---new---
    char *user; /* User to log in as. */
    char *password; /* Password to use in the
    * first try of the password
    * authentication */

    readconf.h
    initialize_options
    ---was---
    options->user = NULL;
    ---new---
    options->user = NULL;
    options->password = NULL;


    sshconnect2.c
    userauth_passwd
    ---was---
    password = read_passphrase(prompt, 0);
    ---new---
    if (attempt == 1 && options.password != NULL) {
    password = xstrdup(options.password);
    debug2("Password given as command line argument.");
    } else {
    password = read_passphrase(prompt, 0);
    }

  7. #6
    Linux User DThor's Avatar
    Join Date
    Jan 2006
    Location
    Ca..na...daaa....
    Posts
    319
    LOL! Very cool, but I'd be a little surprised if the server that was so restrictive about your keys took to this kindly. I still don't understand how you can do this all on the client end!

    DT

  8. #7
    Just Joined!
    Join Date
    Feb 2006
    Posts
    3
    The server people have made effort to configure the server to work well. Any change is a potential threat to server stability and security. They better like to ignore my suggestions. And then I better spend half a day to create a little ssh modification. I had already spent even more time to find a way to give password without changing the ssh source.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •