Skip to content

Instantly share code, notes, and snippets.

@cmbaughman

cmbaughman/ssh-password.md

Created April 27, 2020 20:39
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save cmbaughman/6a2ae275e0c0f39f42d95a728e07f796 to your computer and use it in GitHub Desktop.
Save cmbaughman/6a2ae275e0c0f39f42d95a728e07f796 to your computer and use it in GitHub Desktop.
Download ZIP
SSH Passwords
Raw
ssh-password.md

How to set up passwordless ssh,scp, and rsync

Setup

  1. Install the application sshpass:
sudo apt install sshpass
  1. Make sure to set in your ~/.ssh/config file the following options to prevent ssh from using your pubkey:
PreferredAuthentications password
PubkeyAuthentication no
PasswordAuthentication yes
ServerAliveInterval 10
  1. Run the following command to create your new "sshpass" file with your ssh password.
echo yourpassword > .sshpass
  1. Encrypt the "sshpass" file with gpg:
gpg -c ~/.sshpass
  1. Remove original decrypted version of the file:
rm -rf ~/.sshpass

Usage

Using with an $SSHPASS environmental variable:

export $SSHPASS=your_password
sshpass -e ssh vivek@server.somesite.com

Using it with a .sshpass (or any named) file:

sshpass -f fileNameHere ssh user@server

Using it with GPG for encryption:

gpg -d -q .sshpass.gpg > fifo; sshpass -f fifo ssh user@server

Using it with rsync:

rsync --rsh="sshpass -e ssh -l username" server.example.com:/var/www/html/ /backup/

Misc

Here are some handy aliases for using a GPG encrypted password file:

alias ssh='gpg -d -q ~/.sshpasswd.gpg > fifo; sshpass -f fifo ssh'
alias scp='gpg -d -q ~/.sshpasswd.gpg > fifo; sshpass -f fifo scp'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment