Bash Script to SSH into a machine without prompting password and without using keys

Question

I realize this question has been asked a few times but I could not find a relevant answer anywhere in my searching.

I am working in a development environment where security is not an issue and anyone could just guess the password if the thought for a few seconds.

What I am trying to do is simple. I have created an alias function in my local .bashrc file and I would like this function to automatically log into a machine with a default password.

My current implementation looks something like this:

function s () { 
 ssh root@192.168.1.$1
}

When I run it I get something like this:

~]s 122

ssh root@192.168.1.122

root@192.168.1.122's password:

Using Bash, and not using RSA keys I would like to get this to use the default password 'password'.

I've tried the following where IP and User have already been set.

Do=$(expect -c "
spawn ssh $User@${IP[0]}.${IP[1]}.${IP[2]}.${IP[3]} 
expect \"yes/no\" 
send \"yes\r\" 
expect \"assword\" send \"password\"")
echo $Do
$Do

It gives the follwing error:

Connecting and logging into server using expect
usage: send [args] string
    while executing
"send"
    invoked from within
"expect "assword" send "password""
 Administrator@192.168.1.176's password:
bash: spawn: command not found...

Using the following command I am able to connect a machine. If I remove the interact it just runs the uptime command and closes the connection. With the interact command I am unable to see what I am typing or actually interact with the machine. Any ideas?

Do=$(expect -c "spawn ssh $User@${IP[0]}.${IP[1]}.${IP[2]}.${IP[3]}; set timeout 4; expect \"assword\"; send \"password\n\"; expect \"test\"; send \"uptime\n\"; interact;");echo $Do;

Does the spawn command set up the environment? If not then the path won't be set and it won't know where to look for 'ssh'. Try putting the full path to the executable. — Jay, Nov 08 '12 at 22:38
Just wondering, what's your aversion to RSA keys? The first thing I always do when setting up a new system is to authorize an RSA key. — mpontillo, Nov 08 '12 at 22:45
I didn't want to work with RSA keys because I am working with a lot of different servers that have a very limited lifetime, and this script is going to be used by many people.The idea is to save time by not having to type in the same password every time. If I have to type the password in every time I first visit a new machine to ssh-copy-id the keys over it defeats the purpose. — SuperTetelman, Nov 08 '12 at 22:51
@Jay Are you saying that expect's spawn command won't know what to do with ssh and I should use /bin/ssh instead? — SuperTetelman, Nov 08 '12 at 23:56
@SuperTetelman, why not ship the RSA key alongside the script and have the script use `ssh -i `? — mpontillo, Nov 09 '12 at 00:47
@SuperTetelman Yes, it's simple enough to try. Cron scripts have that problem. — Jay, Nov 09 '12 at 04:59
Keys are a much better solution. How are you setting up these limited-lifetime servers in the first place? Whatever you're using to get the root password set could just as easily install the authorized_keys file instead. — Mark Reed, Nov 09 '12 at 11:47

sampson-chen · Answer 1 · 2012-11-08T22:28:01.670

You can do this with the expect tool: http://expect.sourceforge.net/

It's widely available, so depending on your system, the equivalent of sudo apt-get install expect or yum install expect will install it.

Here's an example of an expect script with ssh. This logs you in and gives you control of the interactive prompt:

#!/usr/bin/expect

set login "root"
set addr "127.0.0.1"
set pw "password"

spawn ssh $login@$addr
expect "$login@$addr\'s password:"
send "$pw\r"
expect "#"
send "cd /developer\r"
interact

Here's an example of how to use expect as part of a bash script. This logs in with ssh, cd to /var, runs a script, then exits the ssh session.

#!/bin/bash
...

login_via_ssh_and_do_stuff() {

    # build the expect script in bash

    expect_sh=$(expect -c "
    spawn ssh root@127.0.0.1
    expect \"password:\"
    send \"password\r\"
    expect \"#\"
    send \"cd /var\r\"
    expect \"#\"
    send \"chmod +x my_script.sh\r\"
    expect \"#\"
    send \"./my_script.sh\r\"
    expect \"#\"
    send \"exit\r\"
    ")

    # run the expect script
    echo "$expect_sh"
}

You can leave these snippets in a script on your local system, and then just alias to the scripts.

Also: I know you said security isn't an issue, but I'd like to just note, again, that the "proper" way to ssh without using a password is to use a ssh key-pair =)

@Kevin: Negative: http://www.pantz.org/software/expect/expect_examples_and_tips.html — sampson-chen, Nov 08 '12 at 23:37
I've used both \n and \r for expect scripts. Is one recommended over the other? — SuperTetelman, Nov 08 '12 at 23:53

uvsmtid · Answer 2 · 2016-04-18T13:15:10.450

6

Use sshpass which is available in package repositories on major Linux-es.

For example, when password is in password.txt file:

sshpass -fpassword.txt ssh username@hostname

sshpass runs ssh in a dedicated tty, fooling it into thinking it is getting the password from an interactive user.

edited Apr 18 '16 at 13:15

answered Dec 23 '13 at 17:36

uvsmtid

4,187
4
38
64

Bash Script to SSH into a machine without prompting password and without using keys

2 Answers2

Linked