-1

On Linux when using dsa keys I establish passwordless login with the command

ssh-copy-id -i .ssh/id_dsa.pub [email protected]

This prompts the user for user's password on target.host. My script knows the password and the user shall not be bothered, how can I do this?

Thorsten Staerk
  • 387
  • 2
  • 11
  • Create keypairs for each user and give the user the public key. This has been around for quite a while. – Nathan C Mar 21 '14 at 12:46
  • If you must do this, then you probably would want to look at using the `expect` based examples from the linked questions, to provide the passwrd. – Zoredache Mar 21 '14 at 17:25
  • Wait, you are using a key pair and _still_ being prompted for a password? Are you sure it's not the _key passphrase_ what it's being requested? – dawud Mar 21 '14 at 22:19

1 Answers1

-1

Just generate a pair of keys and provide it with your script. This would be the preshared key to upload a real key.

EDIT: Generate a separate keys for keydeployment: (deploy, deploy.pub), ship them with your script. This mean that from machine with script (so with those keys) you just can login without a password: 

ssh -i ./deploy.pub [email protected]

Then use this key to deploy user key on the target:

cat deploy.pub .ssh/id_dsa.pub > both.pub
ssh-copy-id -i ./both.pub [email protected]
neutrinus
  • 1,125
  • 7
  • 18
  • 2
    What the what? Give an example, please, as it's not at all clear what you mean by this. – EEAA Mar 21 '14 at 12:43
  • You add a known private key to your software with whole purpose and restriction of uploading a new public key to the user. With this you don't need a password for the ssh-copy-id. – lhw Mar 21 '14 at 13:27
  • I assume you would have some kind of restrictions in place to prevent users from using this **shared** key from being abused? Please elaborate. What would prevent the user from simply using the *private* key you are suggesting that you would provide. – Zoredache Mar 21 '14 at 17:21
  • The same that would prevent the user from using *shared* password.. – neutrinus Mar 22 '14 at 13:49