CODEWITHSUNDEEP
linuxbashshellsshpass
user294110
user294110

Reputation: 169

password as a input with sshpass command

I have written a bash script for my office usage to fetch some information from the devices using sshpass along with ssh command. As we know sshpass allows a password to be passed on the command line using -p option, which makes the password visible hence I want a password that needs to be prompted as user input on the screen itself.

The below script works fine, but I need a password to be prompted on the screen for user input. Please advise how this can be done, as I have googled around but did not get any concrete answer.

#!/bin/bash
#
# timestamp to be attached to the log file
TIMESTAMP=$(date "+%Y%m%d%H%M%S")

# logfile to collect all the Firmware Version of C7000 components
LOGFILE="/home/myuser/firmware_version-${TIMESTAMP}.log"

for host in $(cat enc_list);
do
        echo "========= $host =========";
        sshpass -p  my_password timeout -t 20 ssh -o "StrictHostKeyChecking no" $host  -l tscad  show firmware summary ;
done | tee -a "${LOGFILE}"

Upvotes: 1

Views: 2175

Answers (3)

user294110
user294110

Reputation: 169

Just for the sake of other users which may be looking for the same solution as I am in the near future.

#!/bin/bash
# OA_FirmwareCheck.sh
# timestamp to be attached to the log file
TIMESTAMP=$(date "+%Y%m%d%H%M%S")

# logfile to collect all the Firmware Version of C7000 components
LOGFILE="/home/myuser/firmware_version-${TIMESTAMP}.log"

# read is a builtin command of the Bash shell. It reads a line of text from standard input.
# -r option used for the "raw input", -s option used for Print the string prompt,
# while option -s tells do not echo keystrokes when read is taking input from the terminal.
# So, altogether it reads password interactively and save it to the environment
read -rsp $'Please Enter password:\n' SSHPASS
export SSHPASS

for host in $(cat enc_list);
do
        echo "========= $host =========";
        sshpass -e timeout -t 20 ssh -o "StrictHostKeyChecking no" $host  -l tscad  show firmware summary ;
done |  tee -a "${LOGFILE}"

# at last clear the exported variable containing the password
unset SSHPASS

Demo:

$ ./OA_FirmwareCheck.sh
Please Enter password below:

PTENC
Built: 04/06/2018 @ 06:14
OA Bay Number:  1

Upvotes: 0

Cyrus
Cyrus

Reputation: 88583

Avoid password in commandline:

read -r -s -p "Password:" SSHPASS
export SSHPASS
sshpass -e timeout ... ssh ...

From man sshpass:

-e: The password is taken from the environment variable "SSHPASS".

Upvotes: 2

pguenther
pguenther

Reputation: 122

Why are you using sshpass in the first place, as it is a utility that's only purpose is to circumvent the default behavior of ssh, which seems to be what you want to achieve?

From the man page:

sshpass is a utility designed for running ssh using the mode referred to as "keyboard-interactive" password authentication, but in non-interactive mode.

and further

Sshpass runs ssh in a dedicated tty, fooling it into thinking it is getting the password from an interactive user.

Upvotes: 0

Related Questions