0

There are a large number of old linux devices. I am trying to write a program to automatically copy its configuration. shh public key authentication doesn't work, but rsync is there. I cannot send a password to the opening session. I'm trying to use Popen, but I can't seem to get the stdin sent to the process. Security is not important in this case, because the network is isolated.

def syncdevice(ip):
    session = Popen([f'rsync -a user@{ip}:/mnt/usr /home/d400/ftp/{year}/{mounth}/{ip}/'], stdin=PIPE, stdout=PIPE, shell=True, universal_newlines=True)
    return session
syncdevice('192.168.0.1')
session.stdin.write('password\n')

I try other functions like "communicate()", but in not effected also.

Luck
  • 1
  • Well-behaved software reads passwords direct from the TTY, not from stdin, so nothing is trying to read a password you're sending on stdin. – Charles Duffy Nov 15 '20 at 02:38
  • Anyhow, what's the underlying protocol? Is this rsync-over-ssh, or rsync directly over unencrypted TCP? – Charles Duffy Nov 15 '20 at 02:41
  • By the way, you'd better trust the values passed in the `year` and `month` variables -- because you're using `shell=True` a year of `$(rm -rf ~)` could delete files on your local machine. It's much safer to use `shell=False` and use an explicit argument list instead of a string. – Charles Duffy Nov 15 '20 at 02:43
  • @CharlesDuffy It's rsync-over-ssh – Luck Nov 15 '20 at 08:03
  • See the answers suggesting `sshpass` on the linked duplicate. – Charles Duffy Nov 15 '20 at 17:58

1 Answers1

0

You can use the RSYNC_PASSWORD environment variable or use the --password-file option. The environment variable solution is:

import os

def syncdevice(ip, password):
    env = os.environ.copy()
    env["RSYNC_PASSWORD"] = password
    session = Popen(['rsync', '-a', f'user@{ip}:/mnt/usr /home/d400/ftp/{year}/{mounth}/{ip}/'],
        stdin=PIPE, stdout=PIPE, shell=True, universal_newlines=True,
        env=env)
    return session

syncdevice('192.168.0.1', password)

(note: your quoting on the command seemed off, it should be each token separately in the list)

tdelaney
  • 73,364
  • 6
  • 83
  • 116