Pass your password to your SSH key via a script
I am writing a script that will allow me to retrieve a file from all of my servers at once. I have SSH keys in place in order to log into my servers. My SSH key however requires a password.
The script I am writing will not be automated, it will only ever be run manually. So my script prompts the user for the SSH key password.
How can I send the password to the SSH key as it connects to each server. I am trying to avoid having to type my password in for each server.
I know I could use 'expect', but am hoping there is a simple way to do this. Maybe some environment variable?
Thanks.
Why not use ssh-agent for this?
See the man page for additional details. :)
I would use a SSH key that doesn't have a passkey. It may be less secure, but any method that will allow unattended use will have the same flaw.
Here are my 2 cents!
- I have a USB drive that is always with me (in my physical key chain).
- I make a second partition of 5 insignificant MB in it. This partition is an encrypted ext4 partition.
- I store my private key (without passkey) in that encrypted partition.
- In my computer I store the password to decrypt this partition in the file manager (I use dolphin) so if I plug the USB drive I can mount the encrypted partition with two single clicks, and if I plug the USB drive in another computer I can mount it typing the password.
- Again in my computer I have symlinked my private keys from it usually are (~/.ssh/id_rsa) to where they are when mounted with the USB drive. So once mounted I can make a usual ssh without password.
- If I am in another computer I can tell ssh where my key is with the -i flag
This way I can:
- Login comfortably from my everyday computer
- Log in with a single password from any linux machine
- Have my private keys always safe with me and in a encrypted filesystem