Used the script posted on forum - Unix Linux Community - Technical support for all Unix and Linux users but the last question posted on this seems to be still unanswered, tried different things with no success, can someone help giving an way to pass the password via script for ssh connection. Using except is not an option. We have more than 300 servers and need to setup an script to change password. Also setting up ssh public keys for password less communciation is not an option with these limitation, I am using following code, but it just waits on the password prompt. can someone help?
#! /usr/bin/ksh
DELAY=4
stty -echo
print -n Enter Old Password-
read OLDPASS
print
print -n Enter New Password-
read NEWPASS
print
stty echo
USER=$(whoami)
exec 4>&1
prog=${0##*/}
progdir=$(dirname $0)
for HOST in $( cat "$progdir/.servers" ) ; do
ssh -T -oPreferredAuthentications=password $HOST >&4 2>&4 |&
sleep $DELAYprint -p $OLDPASS
sleep $DELAY
print -p touch changepassdatafile.$HOST
sleep $DELAY
print -p exit
wait
done
Password authentication means password typed by a human authentication. ssh, scp, sftp, su, sudo, and other sane login systems are all designed to require a human at the helm when passwords are involved, and only accept anything else under great duress. This is because storing or passing around plaintext passwords anywhere on your system is an extremely bad idea.
ssh fortunately has secure methods to login without a password. The right files in the right places on client and host allow the login to to through without a prompt. See this article.
I believe current implementation of ssh doesn't allow to pass the password through a switch or automatically. It's for security reasons. You really should use keys.
However, if you for some crazy reason dont want to, I see 2 options:
use 'expect' to create the script. While the script si running, anybody can see the password by looking at the running process (e.g. 'ps aux | grep yourScript ')
One work around is to create a key on the local machine. Log into the same account on the local machine through the key. This way you fake a tty through the network connection: