scp using a password on the command line
Solution 1
IMO, your best bet is to use some sort of expect script. My usual tricks for throwing a password at a command like this aren't working in my Cygwin installation.
Solution 2
I recommend using an ssh key for this purpose. If you can log in as root, you can also change the configuration of the ssh server.
As the next option, you can set the SSH_ASKPASS
environment variable to point to a script that you write, that script just has to output the password on stdout.
There is a few prerequisites for SSH_ASKPASS
to work:
- The
ssh
command must not have access to a tty. - The
ssh
command must think it has access to an X server. It should be sufficient to have the necessary environment variables set, even if the X server they point to does not exist. - The server must support password authentication.
One problem that I ran into when trying to do the above with an embedded system was an ssh server which did not support password authentication. Instead it used keyboard-interactive, but configured in a way that made it look like password authentication.
As a last resort if none of the above works you need to wrap the ssh
command in a script, which fakes a tty and feed the password through that. I used expect
to achieve that.
Related videos on Youtube
spierepf
BY DAY: Code Samurai for Nautel Canada BY NIGHT: Halifax Makerspace, Hal-Con Gaming FOR FUN: I don't do it if it isn't fun.
Updated on September 18, 2022Comments
-
spierepf over 1 year
I am trying to write a script that will deploy a build created on my desktop machine (windows/cygwin) to a machine in my test environment (linux).
I would like to use scp to copy the build to the target machine. The only account on the target machine is root, and I cannot create a special user for this task. The root user is unable to log in using an ssh key (I suspect that this is configured on the ssh server, but I do not know which configuration options control this). At any rate, I cannot change the configuration of the ssh server.
My desktop machine uses Cygwin, and I have ssh installed. What I need is the command-line-fu that will allow me to put the password on the command line.
I am aware of the dangers of having a plaintext password in a shell script, but that is not a concern here.
-
Chopper3 almost 10 years
-
user9517 almost 10 yearsAre you a system administrator on the target server ?
-
spierepf almost 10 yearsI have the root password for the target server, however, I'm only allowed to use it to deploy test builds. I am not permitted to change the server's configuration.
-
-
Sobrique almost 10 yearsThat's by design in ssh. It's incredibly difficult to feed passwords in on the command line to ssh and scp, simply because it's dangerous and unnecessary when you have public-private key auth (even passwordless) as an alternative option.
-
John almost 10 yearsIt's useful. I do recommend trying to get the server to accept an SSH key long-term, but if that's not possible for whatever reason,
expect
should at least let you hack dirtily around it.