Embedding the Password in the Bash Script

Question

I am running a test script where files needs to be copied to the target embedded system.But when this command of copying the files to remote target system is run from the script I was prompted for the administrator password of the Target Board.How can I automate the script in such a way that the script will pick the password by itself(from within the script) and I don't have to put the password manually every-time i run the script.

Snippet form the script is as below :

scp test.file1 <Target ip-address>:/home/bot21/test/.

Password is prompted when the above command is run.

Answer 1

The right way to do this is with key-based authentication. Read about it here .

If that link ever breaks, just google it: "ssh passwordless" or "ssh key authentication". Despite Toby's comment, I think linking to or instructing how to search it yourself is better than repeating what others can say better and in more depth than I can.

Answer 2

You can use sshpass to pass the password to the scp . Something like

sshpass -p passw0rd scp test.file1 <Target ip-address>:/home/bot21/test/

But as already mentioned, using the keys is recommended. I added the following notes to SO Documentation before it was retired.

---

Connecting from script using password

When you really need to script ssh connection, piping the password into the ssh command does not work ( echo passw0rd | ssh host ). It is because the password is not read from standard input, but directly from TTY (teleprinter, teletypewriter, Teletype for historical reasons).

But there is sshpass tool which works around this problem. It can read the password from parameter, file or environment variable. But note that none of these options does not satisfy the security requirements for a passwords!

$ sshpass -p passw0rd ssh host
$ sshpass -f /secret/filename ssh host
$ SSHPASS=passw0rd sshpass -e ssh host

The command line options can be seen by other users in ps (during runtime it is masked, but not during start time and you can't rely on it):

... 23624  6216 pts/5    Ss   Aug30   0:00  \_ /bin/bash
... 12812  1988 pts/5    S+   08:50   0:00  |   \_ sshpass -p passw0rd ssh host
... 45008  5796 pts/15   Ss+  08:50   0:00  |       \_ ssh host

Note, that environemnet variables of a process are also accessible by other processes on the system using /proc/PID/environ file.

Finally, storing the password in the file might look like the best possible idea, but still using keys as described in the other examples is preferred way to use ssh .

Answer 3

Use the -i option. Manpage says:

-i identity_file
Selects the file from which the identity (private key) for public key authentication is read. This option is directly passed to ssh(1).

That is do :

scp -i /path/to/identity_file test.file1 <Target ip-address>:/home/bot21/test/

The process of creating the identity file is well described [ here ] .

The access-permissions for the identity file should be configured in such a way that potential users in your system who may access this file should be able to read it. Also mind that these users should be able to traverse the path ie /path/to in our example to reach the file