1

This is not a duplicate of this question. I log into a remote server using ssh with a key pair (no password needed). On the remote server, there's a script of mine needing a password for something else.

When I log in and execute the script, I get prompted, enter the password and everything is fine:

my-local> ssh my-remote
my-remote> ./my-script
Password for something else: ***
OK
my-remote> exit

When I try to do it in a single step, I get an error like

my-local> ssh my-remote ./my-script
fatal: could not read Password for .... No such device or address

I wouldn't really mind entering the password, if I only could.

However, as a side question, I'd like to know if it's possible to pass the PW from "my-local" in a secure way (I don't want to store it in the script on "my-remote").

Both servers are Ubuntu 16.04.

Community
  • 1
maaartinus
  • 4,979
  • 7
  • 30
  • 29

2 Answers2

1

The tool is reading from tty and if you specify a command to the ssh, it does not allocate you a TTY on the remote server and therefore it will fail. You can force ssh to allocate you TTY on the remote server using -t switch.

ssh -t my-remote ./my-script

should do the job for you.

Jakuje
  • 20,974
  • 7
  • 51
  • 70
0

Certain programs read directly from /dev/tty, not stdin. "passwd" for example. So it's difficult to script them. Expect is one way around that - it can trick the program by providing input to them:

https://stackoverflow.com/questions/8236699/script-to-change-password-on-linux-servers-over-ssh

It can also help with the requirement to not have the passwords stored in a script or config file on each server - they would all be stored on the central machine, which you would guard closely of course...

Community
  • 1
Ian McGowan
  • 559
  • 2
  • 9
  • I guess, the program reads from `/dev/tty/`, but I somehow though, `ssh` could forward my TTY. It should be possible, when `except` can do it. I'll look into it. – maaartinus Dec 06 '16 at 03:17