How to pass the password to su sudo ssh without overriding the TTY

Question

I m writing a C Shell program that will be doing su or sudo or ssh  They all want their passwords in console input  the TTY  rather than stdin or the command line   Does anybody know a solution   Setting up password-less sudo is not an option   expect could be an option  but it s not present on my stripped-down system

User · Answer

su -c  Command   lt   Password    Hope it is helpful

User · Answer

For sudo there is a -S option for accepting the password from standard input  Here is the man entry       -S          The -S  stdin  option causes sudo to read the password from                 the standard input instead of the terminal device    This will allow you to run a command like   echo myPassword   sudo -S ls  tmp   As for ssh  I have made many attempts to automate script it s usage with no success  There doesn t seem to be any build-in way to pass the password into the command without prompting  As others have mentioned  the  expect  utility seems like it is aimed at addressing this dilemma but ultimately  setting up the correct private-key authorization is the correct way to go when attempting to automate this

User · Answer

Take a look at expect linux utility   It allows you to send output to stdio based on simple pattern matching on stdin

User · Answer

When there s no better choice  as suggested by others   then man socat can help       sleep 5  echo PASSWORD  sleep 5  echo ls  sleep 1       socat - EXEC  ssh -l user server  pty setsid ctty            EXEC   utes an ssh session to server  Uses a pty for communication           between socat and ssh  makes it ssh   s  controlling  tty   ctty             and makes this pty the owner of a new process group  setsid   so           ssh accepts the password from socat    All of the pty setsid ctty complexity is necessary and  while you might not need to sleep as long  you will need to sleep   The echo 0 option is worth a look too  as is passing the remote command on ssh s command line

User · Answer

You can provide password as parameter to expect script

User · Answer

Set SSH up for Public Key Authentication  with no pasphrase on the Key   Loads of guides on the net   You won t need a password to login then   You can then limit connections for a key based on client hostname   Provides reasonable security and is great for automated logins

User · Answer

I wrote some Applescript which prompts for a password via a dialog box and then builds a custom bash command  like this   echo  lt password gt    sudo -S  lt command gt    I m not sure if this helps   It d be nice if sudo accepted a pre-encrypted password  so I could encrypt it within my script and not worry about echoing clear text passwords around  However this works for me and my situation

User · Answer

Building on  Jahid s answer  this worked for me on macOS 10 13   ssh  lt remote username gt   lt remote server gt  sudo -S  lt  lt  lt   lt remote password gt  cat  etc sudoers

User · Answer

Set SSH up for Public Key Authentication  with no pasphrase on the Key   Loads of guides on the net   You won t need a password to login then   You can then limit connections for a key based on client hostname   Provides reasonable security and is great for automated logins

User · Answer

Take a look at expect linux utility   It allows you to send output to stdio based on simple pattern matching on stdin

User · Answer

The usual solution to this problem is setuiding a helper app that performs the task requiring superuser access  http   en wikipedia org wiki Setuid  Sudo is not meant to be used offline   Later edit  SSH can be used with private-public key authentication  If the private key does not have a passphrase  ssh can be used without prompting for a password

User · Answer

echo  lt password gt    su -c  lt command gt   lt user gt     This is working

User · Answer

ssh -t -t me myserver io  lt  lt  EOF echo SOMEPASSWORD   sudo -S do something sudo do something else exit EOF

User · Answer

Hardcoding a password in an expect script is the same as having a passwordless sudo  actually worse  since sudo at least logs its commands

User · Answer

For sudo there is a -S option for accepting the password from standard input  Here is the man entry       -S          The -S  stdin  option causes sudo to read the password from                 the standard input instead of the terminal device    This will allow you to run a command like   echo myPassword   sudo -S ls  tmp   As for ssh  I have made many attempts to automate script it s usage with no success  There doesn t seem to be any build-in way to pass the password into the command without prompting  As others have mentioned  the  expect  utility seems like it is aimed at addressing this dilemma but ultimately  setting up the correct private-key authorization is the correct way to go when attempting to automate this

User · Answer

You can provide password as parameter to expect script

User · Answer

Set SSH up for Public Key Authentication  with no pasphrase on the Key   Loads of guides on the net   You won t need a password to login then   You can then limit connections for a key based on client hostname   Provides reasonable security and is great for automated logins

User · Answer

I ve got   ssh user host bash -c  echo mypass   sudo -S mycommand    Works for me

User · Answer

a better sshpass alternative is  passh https   github com clarkwang passh Login to a remote server    passh -p password ssh user host  Run a command on remote server    passh -p password ssh user host date  other methods to pass the password  -p    The password  Default   password   -p env     Read password from env var -p file   Read password from file  here I explained why it is better than sshpass  and other solutions

User · Answer

Set SSH up for Public Key Authentication  with no pasphrase on the Key   Loads of guides on the net   You won t need a password to login then   You can then limit connections for a key based on client hostname   Provides reasonable security and is great for automated logins

User · Answer

This can be done by setting up public private keys on the target hosts you will be connecting to  The first step would be to generate an ssh key for the user running the script on the local host  by executing   ssh-keygen Enter file in which to save the key   home myuser  ssh id rsa    lt Hit enter for default gt  Overwrite  y n   y   Then enter a blank password   After that  copy your ssh key onto the target host which you will be connecting to   ssh-copy-id  lt remote user gt   lt other host gt  remote user other host s password   lt Enter remote user s password here gt    After registering the ssh keys  you would be able to perform a silent ssh remote user other host from you local host

User · Answer

I had the same problem  dialog script to create directory on remote pc  dialog with ssh is easy  I use sshpass  previously installed       dialog --inputbox  Enter IP  8 78 2 gt   tmp ip     IP   cat  tmp ip       dialog --inputbox  Please enter username  8 78 2 gt   tmp user     US   cat  tmp user       dialog --passwordbox  enter password for    US   8 78 2 gt   tmp pass     PASSWORD     cat  tmp pass       sshpass -p   PASSWORD  ssh  US  IP mkdir -p  home  US TARGET-FOLDER      rm  tmp ip     rm  tmp user     rm  tmp pass   greetings from germany  titus

User · Answer

USE   echo password   sudo command   Example    echo password   sudo apt-get update  whoami   Hope It Helps

User · Answer

Hardcoding a password in an expect script is the same as having a passwordless sudo  actually worse  since sudo at least logs its commands

User · Answer

Maybe you can use an expect command    expect -c  spawn ssh root your-domain com expect password send  your-password n  interact   That command gives the password automatically

User · Answer

For ssh you can use sshpass  sshpass -p yourpassphrase ssh user host   You just need to download sshpass first       apt-get install sshpass   sshpass -p  password  ssh username server

User · Answer

I ve got   ssh user host bash -c  echo mypass   sudo -S mycommand    Works for me

User · Answer

Take a look at expect linux utility   It allows you to send output to stdio based on simple pattern matching on stdin

User · Answer

One way would be to use read -s option    this way the password characters are not echoed back to the screen  I wrote a small script for some use cases and you can see it in my blog  http   www datauniv com blogs 2013 02 21 a-quick-little-expect-script

User · Answer

For sudo you can do this too   sudo -S  lt  lt  lt   password  command

User · Answer

You can provide password as parameter to expect script

User · Answer

For ssh you can use sshpass  sshpass -p yourpassphrase ssh user host   You just need to download sshpass first       apt-get install sshpass   sshpass -p  password  ssh username server

User · Answer

ssh -t -t me myserver io  lt  lt  EOF echo SOMEPASSWORD   sudo -S do something sudo do something else exit EOF

User · Answer

a better sshpass alternative is  passh https   github com clarkwang passh Login to a remote server    passh -p password ssh user host  Run a command on remote server    passh -p password ssh user host date  other methods to pass the password  -p    The password  Default   password   -p env     Read password from env var -p file   Read password from file  here I explained why it is better than sshpass  and other solutions

User · Answer

I had the same problem  dialog script to create directory on remote pc  dialog with ssh is easy  I use sshpass  previously installed       dialog --inputbox  Enter IP  8 78 2 gt   tmp ip     IP   cat  tmp ip       dialog --inputbox  Please enter username  8 78 2 gt   tmp user     US   cat  tmp user       dialog --passwordbox  enter password for    US   8 78 2 gt   tmp pass     PASSWORD     cat  tmp pass       sshpass -p   PASSWORD  ssh  US  IP mkdir -p  home  US TARGET-FOLDER      rm  tmp ip     rm  tmp user     rm  tmp pass   greetings from germany  titus

User · Answer

Maybe you can use an expect command    expect -c  spawn ssh root your-domain com expect password send  your-password n  interact   That command gives the password automatically

User · Answer

USE   echo password   sudo command   Example    echo password   sudo apt-get update  whoami   Hope It Helps

User · Answer

echo  lt password gt    su -c  lt command gt   lt user gt     This is working

User · Answer

You can provide password as parameter to expect script

User · Answer

The usual solution to this problem is setuiding a helper app that performs the task requiring superuser access  http   en wikipedia org wiki Setuid  Sudo is not meant to be used offline   Later edit  SSH can be used with private-public key authentication  If the private key does not have a passphrase  ssh can be used without prompting for a password

User · Answer

One way would be to use read -s option    this way the password characters are not echoed back to the screen  I wrote a small script for some use cases and you can see it in my blog  http   www datauniv com blogs 2013 02 21 a-quick-little-expect-script

User · Answer

Building on  Jahid s answer  this worked for me on macOS 10 13   ssh  lt remote username gt   lt remote server gt  sudo -S  lt  lt  lt   lt remote password gt  cat  etc sudoers

User · Answer

su -c  Command   lt   Password    Hope it is helpful

User · Answer

Take a look at expect linux utility   It allows you to send output to stdio based on simple pattern matching on stdin

User · Answer

The usual solution to this problem is setuiding a helper app that performs the task requiring superuser access  http   en wikipedia org wiki Setuid  Sudo is not meant to be used offline   Later edit  SSH can be used with private-public key authentication  If the private key does not have a passphrase  ssh can be used without prompting for a password

User · Answer

This can be done by setting up public private keys on the target hosts you will be connecting to  The first step would be to generate an ssh key for the user running the script on the local host  by executing   ssh-keygen Enter file in which to save the key   home myuser  ssh id rsa    lt Hit enter for default gt  Overwrite  y n   y   Then enter a blank password   After that  copy your ssh key onto the target host which you will be connecting to   ssh-copy-id  lt remote user gt   lt other host gt  remote user other host s password   lt Enter remote user s password here gt    After registering the ssh keys  you would be able to perform a silent ssh remote user other host from you local host

User · Answer

I wrote some Applescript which prompts for a password via a dialog box and then builds a custom bash command  like this   echo  lt password gt    sudo -S  lt command gt    I m not sure if this helps   It d be nice if sudo accepted a pre-encrypted password  so I could encrypt it within my script and not worry about echoing clear text passwords around  However this works for me and my situation

User · Answer

I wrote some Applescript which prompts for a password via a dialog box and then builds a custom bash command  like this   echo  lt password gt    sudo -S  lt command gt    I m not sure if this helps   It d be nice if sudo accepted a pre-encrypted password  so I could encrypt it within my script and not worry about echoing clear text passwords around  However this works for me and my situation

User · Answer

When there s no better choice  as suggested by others   then man socat can help       sleep 5  echo PASSWORD  sleep 5  echo ls  sleep 1       socat - EXEC  ssh -l user server  pty setsid ctty            EXEC   utes an ssh session to server  Uses a pty for communication           between socat and ssh  makes it ssh   s  controlling  tty   ctty             and makes this pty the owner of a new process group  setsid   so           ssh accepts the password from socat    All of the pty setsid ctty complexity is necessary and  while you might not need to sleep as long  you will need to sleep   The echo 0 option is worth a look too  as is passing the remote command on ssh s command line

User · Answer

The usual solution to this problem is setuiding a helper app that performs the task requiring superuser access  http   en wikipedia org wiki Setuid  Sudo is not meant to be used offline   Later edit  SSH can be used with private-public key authentication  If the private key does not have a passphrase  ssh can be used without prompting for a password

User · Answer

Hardcoding a password in an expect script is the same as having a passwordless sudo  actually worse  since sudo at least logs its commands

User · Answer

I wrote some Applescript which prompts for a password via a dialog box and then builds a custom bash command  like this   echo  lt password gt    sudo -S  lt command gt    I m not sure if this helps   It d be nice if sudo accepted a pre-encrypted password  so I could encrypt it within my script and not worry about echoing clear text passwords around  However this works for me and my situation

User · Answer

Hardcoding a password in an expect script is the same as having a passwordless sudo  actually worse  since sudo at least logs its commands

User · Answer

For sudo you can do this too   sudo -S  lt  lt  lt   password  command

[linux] How to pass the password to su/sudo/ssh without overriding the TTY?

Examples related to linux

Examples related to ssh

Examples related to passwords

Examples related to sudo

Examples related to su