Home / server / Questions / 318474
In Process
chubbyk
Asked: 2011-10-05 11:59:53 +0800 CST

How to pass password to scp command used in bash script? [duplicate]

  • 772

Possible Duplicate:
Connect through SSH and type in password automatically, without using a public key

I have a bash script that makes dump of DB then copies file from one server to another but it always asks for password before connection.

scp file.tar.gz [email protected]:/backup

Is there a way to pass password directly into script ?

bash password scp

6 Answers

  1. Use the tool sshpass

    sshpass -p 'password' scp file.tar.gz [email protected]:/backup
    • 88

  2. Rather than using root create an account just for this job. Use public keys without a passphrase instead of passwords.

    scp -i /home/backupuser/.ssh/id_rsa [email protected]:/backup

    By using a special account for the backup on the destination system you are not exposing your root password.

    • 45

  3. It's better to set up ssh to used key-based authentication rather than trying to figure out how to send text to the login process with something like expect.

    Take a look at:

    https://help.ubuntu.com/community/SSH/OpenSSH/Keys

    So, basically, run ssh-keygen -t dsa on the machine that will run your script. When it asks you for a passphrase, hit ENTER to accept a blank. You will get two files. If you followed the default suggestions, the files will be ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub. The first one is the private key. The second one is the public key.

    Copy the public key to the second server using ssh-copy-id user@server2. This will add the public key to the authorized_keys file of the user on server2.

    You should now be able to run ssh from the first machine and log in without a password.

    For copying the files, scp or rsync are fine. It depends on what you're doing. rsync will use ssh by default, so will use the key-based authentication you just set up.

    • 4

  4. scp uses SSH to tunnel to a remote server and transfer files. SSH can authenticate users with a password, an SSH key or both (recommended).

    To transfer files without a password, create an SSH key for the user you're going to use (root is not recommended, use an unprivileged user instead and have a job on the target server as root to perform the privileged action).

    Then you need to configure the target system's SSH daemon to accept SSH key connections (also in above link).

    Bear in mind that compromised SSH keys without a password are the same as compromised passwords - anybody can get in. For real users, it's better to double the security and require the key and a password.

    • 3

  5. pscp allows you to pass the password to it directly using the -pw argument. Alternately, and this is a better idea, use ssh agent and set up key based logon - this is more secure. There's a howto on setting up ssh to use key based logon here

    You can use the yes command to send a yes to the program.

    • 3

  6. You should not use password-less ssh-keys for security reasons.

    The tool keychain can help you re-use the ssh-agent and run rsync over ssh in scripts without being prompted for passwords.

    To install it on a Ubuntu machine just run the following command. 

    sudo apt-get install keychain

    Check out the manpage for keychain for more information on how to use it.

    • 2