3

I am using an application that uses /usr/bin/ssh and requires passwordless authentication. Meanwhile I want to use this with a server that requires both publickey and password authentication at the same time. Just using sshpass is a good solution in most circumstances (given that my secret password is safe and that I am also using safe public key authentication at the same time), but sshpass wraps around ssh and not the other way around.

How can I use sshpass when /usr/bin/ssh x is called? My current workaround is the config below. It works, but it hops from the target server to itself. I would rather not have this overhead.

Host x
    HostName xxx.xxx.xx
    ProxyCommand sshpass -f passwordfile ssh -W %h:%p xxx.xxx.xx

Is there a way to get the same result without hopping to the server itself?

(Otherwise - for future people with the same problem - the above config is a workable solution.)

Wietse de Vries
  • 203
  • 1
  • 5
  • 1
    what sort of application? GUI or CLI? other than running SSH, what else does it do? If it just runs SSH, there may be a chance to wrap the whole application inside sshpass, i.e. `sshpass theapplication ...` instead of `sshpass ssh ...` – ilkkachu Apr 18 '21 at 09:23
  • @ilkkachu The application does more than just running ssh commands and wrapping it with sshpass does not work. – Wietse de Vries Apr 19 '21 at 11:04

1 Answers1

1

Given that the application that I'm using is a CLI program that searches for ssh in $PATH, it is possible to modify PATH to include a special ssh command that is actually a sshpass wrapper.

Wrap sshpass into a executable called ssh:

/path/to/bin/ssh:

#!/usr/bin/env bash
sshpass -f /path/to/passwordfile ssh "$@"

Then prepend the parent dir of the custom ssh to PATH when running myapp by adding the following alias in .zshrc or .bashrc:

alias myapp="PATH=/path/to/bin:$PATH myapp"
Wietse de Vries
  • 203
  • 1
  • 5