Or pass a config file to the command containing a password?
I'm looking after a cluster and trying to use PSSH, unfortunately because I have to pass a lot of nohup commands I need the post character &, this gobbles the password request after ssh is issued so I'm trying to edit the pssh files to get around the problem.
Have you considered using ssh keys for passwordless authentication between your cluster members ?
-p switch is port not password, AFAIK there is builtin in ssh to pass password.
You would need to use expect tool, which i would always advise against.
Yeah, I gave up on what I really wanted and went with keys, this is far from ideal, if you knew the entire situation you'd understand. Anyway...
Keys for now have helped, except, they are user dependent? User A creates keys and can use them. User B logs in but can't use them. B generates keys, then A can't log on. This is of no use to me at all, I'm not sitting copying keys for 30 servers every time a different user wants access.
So the new question is: Is this normal? Only 1 live set of keys at any one time? How can I prevent this?
So what is the situation? usera, userb and userc all logging onto userx@remote1 and userx@remote2?
Actually, if this is the case, you modify authorised_keys for userx@remote1 then use a for loop to use scp to copy the file to userx in all the other machines.
Somebody may be able to propose a better solution if we understand your problem better.
UserA creates a key pair, and copies the public one to the right spot on your 30 servers. UserB creates a key pair, and copies /appends (made explicit due to rbatte's remark) the public one to the right spot on your 30 servers. From now on, either can happily log into any of those servers, no further interacton necessary.
The authorized_keys file can store multiple public keys allowing multiple sources/users to log in, if that is what you wish.
In your current process, does userA generate some keys the overwrite the authorized_keys file for userX on the target server? You need to add the public key, not overwrite the whole file.
You could have same key for everyone, granulated by group for instance.
If you really want to do it in that fashion, take a look at AuthorizedKeysFiles and Match directive for your SSH server.
It should be doable, in a way when user is created and belonging to a group and has public key to login without additional intervention, since the key is effectively per group configured globally on ssh server.
I have not tested this scenario, nor used it and hopefully i understood the requirement.
Spin up couple of vm boxes and give it a shot
