How to Pass Password on Ssh Command on Shell Script

  • By
  • Published
  • Posted in Tips
  • 6 mins read

When it comes to automation, shell scripting comes in handy. At times, you may need to run a command on a remote server using SSH and a shell script. However, one of the challenges you may face is that you are required to key in your password each time you execute the script. This process can be tedious in scenarios where you have to run the same command multiple times.

This article explores methods you can use to pass a password on SSH command when running a shell script. By the end of this guide, you’ll have learned how to automate commands and save time without the need to key in a password each time.

Video Tutorial:

Why You Need to pass Password on Ssh Command on Shell Script

You may need to pass a password on SSH command on a shell script for several reasons. For instance, you may need to execute a command on multiple servers that require authentication credentials such as passwords. However, manually keying in your password on every server can be a tedious job. In other scenarios, you may need to automate running a script that requires authentication credentials that you would not like to disclose on the script. These methods can be employed to automate the process and make it seamless to run commands on remote servers.

Method 1: Using SSH Keys

SSH keys are mostly used by system administrators to access remote servers without requiring a password. In this scenario, you will have to create an SSH key on the local server and copy the public key to the remote server.

Here are the steps:

  1. Log in to your local server and open the terminal
  2. Create an ssh key by running the command below:
    ssh-keygen -t rsa -b 4096
  3. You will be prompted to enter a passphrase for your ssh key. If you don’t need one, you can hit enter, and it will skip the option.
  4. Copy the public key to the remote server using the below command:
    ssh-copy-id user@remote_server
  5. Type yes or enter to accept and copy the key to the remote server
  6. The copy command will request for the password. Enter the password for the user on the remote server

Pros:

  • Secure and safe as you don’t expose your password to others
  • Quick and efficient in automating commands on multiple servers

Cons:

  • Challenging for new users to create the key and copy it
  • Hard to manage and ensure all the keys are up-to-date and secure

Method 2: Using Expect command

The expect command is a scripting language that enables the automation of interactive terminal applications such as SSH. It allows the automation of sending input and interacting with applications.

Here are the steps:

  1. On your terminal, install the expect command by running the command below:
    sudo apt-get install expect
  2. Create a new shell script by running the command below:
    nano ssh-pass-exp.sh
  3. Add the following code:
    #!/usr/bin/expect -f
    spawn ssh user@remote_server
    expect "password:"
    send "user_password\n"
    interact
  4. Save and close the file
  5. Make your script executable by running the command below:
    chmod +x ssh-pass-exp.sh
  6. Run the script on your terminal:
    ./ssh-pass-exp.sh
  7. You are now logged in without typing your password

Pros:

  • Easy to use and automate commands
  • Secure since no need to expose the password on the script

Cons:

  • You cannot use this method in cases where you need to enter password multiple times
  • The script can be hacked if one makes mistakes while running the implementation.

Method 3: Using Shell script with SSHpass

SSHpass is a tool that prompts for input parameters including a password, hostname, port, and username. You can use it to automate commands using shell scripts by including a password as an argument.

Here are the steps:

  1. On your terminal, install the SSHpass tool by running the command below:
    sudo apt install sshpass
  2. Create a new shell script by running the command below:
    nano ssh-pass.sh
  3. Enter the following code:
    #!/bin/bash
    sshpass -p 'user_password' ssh user@remote_host
  4. Save and close the file
  5. Make the script executable by running the command below:
    chmod +x ssh-pass.sh
  6. On your terminal, run the script by executing the command below:
    ./ssh-pass.sh
  7. You are now logged in to your remote server without typing your password.

Pros:

  • Easy to use and automate commands
  • No need to create SSH keys

Cons:

  • Exposing passwords is a security risk
  • You cannot use this method in cases where you need to enter a password multiple times.

What to Do If You Can’t Add SSH Keys or SSHpass

In cases where you are not in a position to install or use SSH keys or SSHpass on your server, you can use other methods to automate running remote commands.

Here are the alternatives:

  • Use a GUI-based remote connection software such as PuTTY. You can save multiple remote connections on this tool and run commands from an external script.
  • You can use Python paramiko library to automate running commands. Paramiko is a library that allows Python to interact with an SSH server as well as SFTP and SCP operations.

Bonus Tip

When running your script, you can use the screen command to detach a session. By using this command, you can continue running the script even when you’re not logged in to the server.

Here’s how:

  • On your terminal, start a new screen session by running the command below:
    screen
  • Start your script on the new screen session by running the command below:
    ./ssh-pass.sh
  • Detach from the screen session by holding the control key and hitting the "a" button followed by the "d" button
  • You can resume the session by running the command below:
    screen -r

5 FAQs

Q1: How do I know my SSH version?

A: Run the command below:
ssh -V

Q2: How do I generate an ssh key without a passphrase?

A: When prompted to enter a passphrase for your ssh key, press the enter key without typing anything

Q3: Can I create my SSH keys on a Windows machine?

A: Yes. You can use Git bash to create your SSH key

Q4: How do I terminate the screen session?

A: Run the command below:
exit

Q5: How do I install Python paramiko library?

A: Run the command below:
pip install paramiko

Final Thoughts

Automating commands on remote servers using a shell script can save a lot of time and improve overall efficiency. However, finding secure methods to automate such commands is even more critical. With the above methods, you can now easily pass a password on SSH command when running a shell script without exposing it on the script.