SSH with no password prompt

[akindo]

Hi all,

I'm writing a script which will log into a list of servers if they have public/private keypairs set up. If a server doesn't, I want the script to move on to the next server rather than wait at a password prompt.

I'm using OpenSSH version 5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007 on both client and server.

I'm using this command:

Code:

ssh root "at" "IP" -o PasswordAuthentication=no KbdInteractiveAuthentication=no

I had to write "at" instead of the symbol, as I'm not allowed to "post URLs to other sites after you have made 15 posts or more."

This works for most servers, but not all (on some of them the script halts at a password prompt). I suspect those servers may run an older version of SSH which doesn't support the options I'm providing.

Any ideas? Thanks for any help.

Jannik

[nmset]

Authentication methods are quite diverse in SSH and may be complex.

Code:

man sshd_config

give much details of the server configuration. You should in particular pay attention to

• PermitRootLogin
• RSAAuthentication
• PubkeyAuthentication
• RhostsRSAAuthentication
• UsePAM

If you just want the script to move on at the password prompt,

• LoginGraceTime

is what you should tune.

[dmjlambert]

Instead of man sshd_config, you probably want man ssh_config. That will give you the client-side stuff, which is what you're looking for.

Instead of "-o PasswordAuthentication=no KbdInteractiveAuthentication=no", try "-o PreferredAuthentications=publickey". This should work. If you're scripting a while read loop, you may also need the -n option to keep ssh from reading the stdin intended for your read command.

[akindo]

nmset: thanks. I did check man ssh_config.

dmjlambert: PreferredAuthentications=publickey did work, that was what I needed. Thanks a lot for the help. I don't need the -n option as I'm reading from a file.