There are two ways to do what you want. One involves a stored password, and one does not. Both are non-interactive, meaning that they can work when you're not there to enter a password.
First Method
The way that does not require a password. You can use public/private key authentication instead of passwords with SSH. I'm going to assume that you're using OpenSSH, which comes with practically every Linux distribution that there is.
- Configure your SSH server to accept private key logins. In /etc/ssh/sshd_config make sure that there's a line that says PubkeyAuthentication yes (and that there is no # infront of it). If you change this file, you need to restart the sshd service. If you're not sure, stop and ask somebody here before you break it.
- On your local machine (not the server), create yourself a pair of keys with ssh-keygen -t rsa (you can use other options than rsa, but I'm keeping it simple). Do not specify a password. Save the keys in the locations prompted.
- Open the contents of the id_rsa.pub file that you just created (it's one very long line of text), and copy the contents into the end of the file $HOME/.ssh/authorized_keys on the server machine. Create the file if it doesn't exist.
If you think somebody has a copy of your id_rsa file, you can delete the line that you added to authorized_keys on the server, to disable that key.
FURTHER READING (Daniel Robbins at ibm.com)
Second method
If you thought that was complicated, you wait till you've tried to get this one working. The basic idea is to use expect, which is an administration automation tool, to type your password in to ssh when prompted. It might not always work, and when it doesn't, it's hard to figure out why not. I recommend the first method.
Anyway, here's a command that you can poke at until it does what you want:
Code:
  expect -c 'spawn ssh user@remote.host ; expect assword ; send "passphrase\n" ; interact'
Problem here is doing the scripting. You can either have expect type in further commands, or you can list them as a parameter to ssh in that spawn command (just before the semicolon ; ). It might never work properly for you; again, I recommend the first method.
沒有留言:
張貼留言