[‘
In most cases, Linux system administrators login to remote Linux servers using SSH either by supplying a password, or passwordless SSH login, or keybased SSH authentication.
n
What if you want to supply a password along with username to SSH prompt itself? this is where sshpass comes to rescue.
n
sshpass is a simple and lightweight command line tool that enables us to provide password (non-interactive password authentication) to the command prompt itself, so that automated shell scripts can be executed to take backups via cron scheduler.
n
ssh uses straight TTY access to make sure that the password is actually supplied by an interactive keyboard user. Sshpass runs ssh in a devoted tty, mislead it into believing that it is receiving the password from an interactive user.
n
Important: Using sshpass considered to be least secure, as it reveals the password to all system users on the command line with simple “ps” command. I highly recommend using SSH Passwordless authentication.
n
Install sshpass on Linux Systems
n
In RedHat/CentOS based systems, first you need to enable Epel repository on your system to install it using yum command as shown.
n
# yum install sshpassrn# dnf install sshpass [On Fedora 22+ versions]rn
n
On Debian/Ubuntu and its derivatives, you can install it using apt-get command as shown.
n
$ sudo apt-get install sshpassrn
n
Alternatively, you can install from source to have latest version of sshpass, first download the source code and then extract contents of the tar file and install it like so:
n
$ wget http://sourceforge.net/projects/sshpass/files/latest/download -O sshpass.tar.gzrn$ tar -xvf sshpass.tar.gzrn$ cd sshpass-1.06rn$ ./configurern# sudo make install rn
n
How to Use sshpass in Linux
n
sshpass is used together with ssh, you can view all the sshpass usage options with full descriptions by issuing the command below:
n
$ sshpass -hrn
n
n
Usage: sshpass [-f|-d|-p|-e] [-hV] command parametersrn -f filename Take password to use from filern -d number Use number as file descriptor for getting passwordrn -p password Provide password as argument (security unwise)rn -e Password is passed as env-var "SSHPASS"rn With no parameters - password will be taken from stdinrnrn -h Show help (this screen)rn -V Print version informationrnAt most one of -f, -d, -p or -e should be usedrn
n
As I mentioned before, sshpass is more reliable and useful for scripting purposes, consider the example commands below.
n
Login to remote Linux ssh server (10.42.0.1) with the username and password and check the file-system disk usage of remote system as shown.
n
$ sshpass -p 'my_pass_here' ssh [emailxa0protected] 'df -h' rn
n
Important: Here, the password is provided on the command line which is practically unsecure and using this option is not recommended.
n
n
However, to prevent showing password on the screen, you can use the -e flag and enter the password as a value of the SSHPASS environment variable as below:
n
$ export SSHPASS='my_pass_here'rn$ echo $SSHPASSrn$ sshpass -e ssh [emailxa0protected] 'df -h' rn
n
n
Note: In the example above, SSHPASS environment variable is for temporary purpose only and will be removed during reboot.
n
To permanently set the SSHPASS environment variable, open the /etc/profile file and type the export statement at the beginning of the file:
n
export SSHPASS='my_pass_here'rn
n
Save the file and exit, then run the command below to effect the changes:
n
$ source /etc/profile rn
n
On the other hand, you can also use the -f flag and put the password in a file. This way, you can read the password from the file as follows:
n
$ sshpass -f password_filename ssh [emailxa0protected] 'df -h'rn
n
n
You can also use sshpass to transfer files using scp or backup/sync files over rsync using SSH as shown:
n
------- Transfer Files Using SCP ------- rn$ scp -r /var/www/html/example.com --rsh="sshpass -p 'my_pass_here' ssh -l aaronkilik" 10.42.0.1:/var/www/htmlrnrn------- Backup or Sync Files Using Rsync -------rn$ rsync --rsh="sshpass -p 'my_pass_here' ssh -l aaronkilik" 10.42.0.1:/data/backup/ /backup/rn
n
For more usage, I suggest you to read through the sshpass man page, type:
n
$ man sshpassrn
n
In this article, we explained sshpass a simple tool that enables non-interactive password authentication. Although, this tools may be helpful, it is highly recommended to use ssh’s more secure public key authentication mechanism.
n
Please, do leave a question or comment via the feedback section below for any further discussions.
n
‘]