How can I avoid having to enter a password for an scp command by hard-coding the password into my script?

I've created a bash script that sometimes need me to enter some information (other machine password / username) when I run it.

Is there a way to prevent this by entering (hard-coding) this information in the code? In this way when I execute it, it will run smoothly without asking me to input anything.

This is the command:

scp /home/machine1/backup/test.txt /home/machine2/backup

Instead of typing the machine2 password, I want to hard code it in my script.

SSH key authentication is convenient and secure

Please do not hardcode a password into the shellscript, because it is easy for other people to read it.

• Login with key authentication to ssh is what you need.

  This way you need no password, and it is more secure too. This is particularly important if the computer is visible on the internet. If you don't think it's important, try logging the login attempts you get for the next week.

  • Running

    ssh-keygen
    

    you will probably be offered to protect the key with a passphrase.

  • Don't do it (press Enter to continue without a passphrase when ssh-keygen asks), because you don't want to type any password or passphrase when you run the script and arrive at the scp command line.

    Without key authentication and with clear-text passwords, it is very important to have strict permissions on the shellscript and it is a good idea also for security related shellscripts without a clear-text passphrase. The default permissions for a script file (when created somewhere in your home directory) is probably 644

    $ ls -l shellscript 
    -rw-r--r-- 1 sudodus sudodus 349 dec 23 10:54 shellscript
    

    and you may give your script files execute permissions for everybody, 755

    $ chmod 755 shellscript
    $ ls -l shellscript 
    -rwxr-xr-x 1 sudodus sudodus 349 dec 23 10:54 shellscript
    

    but you had better cut it down to 600, no permission except for your own userID, and no execute permission at all

    $ chmod 600 shellscript 
    $ ls -l shellscript
    -rw------- 1 sudodus sudodus 349 dec 23 10:54 shellscript
    

    and you cannot run it directly with ./shellscript, so use

    bash shellscript       # when shellscript in the current directory
    bash path-to-shellscript/shellscript  # from other directories
    

  • Do it (enter a passphrase when ssh-keygen asks) if you want higher security, because your private key will be protected (encrypted with the passphrase), but then you have to type the passphrase, when you run the script with scp.

  • You must copy a key file, for example with

    ssh-copy-id <username>@<host>
    

  • scp uses ssh for data transfer. So when the keys are in place, it should work without a password.

• Every linux machine can be made an ssh server by installing openssh-server, in Ubuntu with apt,

  sudo apt update
  sudo apt install openssh-server
  

• Link with details, for example troubleshooting tips,

  help.ubuntu.com/community/SSH/OpenSSH/Keys

Set up ssh access to your server with an rsa public/private key pair. Keep your private key loaded in memory. Then you can scp or ssh into the server without a password (besides making life easier, key file authentication is significantly more secure than password authentication)

Here's how to set up ssh for key file authentication: https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2