ssh / scp: password on command line and shellselect
Why is it wrong
At least once in your life it will have crossed your mind to pass the password as an option to the ssh client. So why has OpenSSH not provided for this?
Some reasons might be these:
- It is not secure: if we pass the password as an option, it will be logged among the commands we type, for example in the file ~/.bash_history, and I assure you that an ln -s /dev/null ~/.bash_history does not resolve the situation. There are shells that log all our commands without our knowledge. Traces of our passwords end up in many parts of the system.
- It is not necessary: you can connect to a remote server without typing a password each time, with just an exchange of keys. You must put your public key in the authorized_keys2 file of the host to which you connect. If you set a passphrase during key generation, you will be prompted to enter it.
- There is ssh-agent, which saves us from having to enter the passphrase every time we open an ssh connection. Simply enter it once when the ssh-agent daemon starts.
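The history logging described in the first point can be checked for after the fact. The following is an added example, not part of the original post or of the patch: a POSIX shell function that reports history lines where -W was given to ssh, scp or sftp, without printing the password. The names scan_history and write_sample_history and the sample lines are constructed for illustration; the example goes slightly beyond the article by skipping the -W host:port form that stock OpenSSH 5.4 and later use for stdio forwarding.

```shell
#!/bin/sh
# Added example: report history lines where a password was passed with -W
# to ssh/scp/sftp. Prints "LINE COMMAND" only, never the password itself.
scan_history() {
    awk '
    {
        cmd = ""
        for (i = 1; i <= NF; i++) {
            base = $i
            sub(/^.*\//, "", base)      # ./ssh, /opt/bin/ssh -> ssh
            if (cmd == "") {
                if (base == "ssh" || base == "scp" || base == "sftp")
                    cmd = base
                continue
            }
            arg = ""
            if ($i == "-W" && i < NF)
                arg = $(i + 1)          # separate form: -W secret
            else if ($i ~ /^-W./)
                arg = substr($i, 3)     # joined form: -Wsecret
            # Stock OpenSSH 5.4+ uses -W host:port for stdio forwarding,
            # so an argument shaped like name:digits is not reported.
            if (arg != "" && arg !~ /^[^:]+:[0-9]+$/) {
                print NR, cmd
                break
            }
        }
    }' "$1"
}

# Constructed sample history; hosts and passwords are made up.
write_sample_history() {
    cat > "$1" <<'EOF'
ls -la
./ssh -W hunter2 root@192.0.2.5
ssh -W bastion:22 user@jump
scp -W s3cret report.txt admin@192.0.2.9:/tmp
ssh -v user@192.0.2.7
alias web='/opt/bin/ssh -Wpass123 root@192.0.2.8'
EOF
}

# Stand-alone use: sh scan.sh ~/.bash_history
[ "$#" -eq 0 ] || scan_history "$1"
```

Any password found this way should be treated as exposed and changed, since the same command line may also have been captured elsewhere on the system.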
In some cases it is convenient
So when does it become necessary to pass the password as an option to ssh?
It can be useful when working remotely on a server in a thirty intranet, when we cannot exchange keys with all the servers that we access. It often happens that the passwords of servers inside a company are known by all employees, and they are often very embarrassing ones such as "password", "admin", "foo" or "root".
In this case, why not pass it to ssh as an option? That way we can create aliases or use simple shell scripts, such as shellselect, which we will see below, to simplify server administration.
How to
First we need to download the source code of OpenSSH, understand how it works and where it stores the password, modify it to read the password from the command line as well, correct any errors, compile everything and make sure it works. Do not be afraid: I have already done this and created a patch, so you only need to download the sources and apply my patch.
Here is how:
- download my patch here
- go to the site http://www.openssh.com/ and download the source for openssh
- unzip the downloaded file
- patch
```
cd openssh-XXX
patch -p2 < ../openssh-XXX-shellselect.patch
```
- compile
```
./configure
make
```
- install
```
make install
```
If we want to keep our system's version of ssh, we can simply copy the patched executable without running make install, or we can specify the --prefix option when we run configure.
| Patch | Valid for | Notes |
|---|---|---|
| openssh-5.2p2-shellselect.patch | openssh-5.2p1 | Latest version also changes scp and sftp |
| openssh-5.2p1-shellselect.patch | openssh-5.2p1 | Improved authentication |
| openssh-4.9p1-shellselect.patch | openssh-4.9p1 | Initial release |
We are done. Note that running ssh will still invoke the system's version. Verify:
```
$ ssh --help
usage: ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-e escape_char] [-F configfile]
           [-i identity_file] [-L [bind_address:]port:host:hostport]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-R [bind_address:]port:host:hostport] [-S ctl_path]
           [-w local_tun[:remote_tun]] [user@]hostname [command]
```
while our patched ssh accepts the new option:
```
$ ./ssh --help
usage: ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-e escape_char] [-F configfile]
           [-i identity_file] [-L [bind_address:]port:host:hostport]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-R [bind_address:]port:host:hostport] [-S ctl_path] [-W password]
           [-w local_tun[:remote_tun]] [user@]hostname [command]
```
As you can see, there is an extra [-W password] compared with the standard version. Now let's check that everything works:
```
./ssh -W password username@hostname
```
If you followed my steps correctly, you are now logged on to the server hostname as the user username.
Shellselect
shellselect is a Bash script that exploits the ability of our ssh to accept the password from the command line to open a remote connection.
When you launch it, a window will appear as shown below.

shellselect
To connect to a server, just select one from the list and press the OK button. Simple, isn't it?
The setup is even easier: just fill in a text file with the following information: ip, label, user, protocol (ssh or telnet) and optionally a password. If the password is not specified, ssh will be called in the normal way and may ask you for your access credentials. Otherwise ssh is launched with the -W option. Like this:
```
10.50.2.101 DC-TIM root ssh root
10.60.11.251 TECTEST root ssh root_password
capsula.no-ip.org capsule root ssh
92.243.11.13 metals danilo ssh
10.50.5.100 QuaggaTest root ssh Qpass
10.50.2.102 cisco user telnet cisco
```
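A hosts file in this format holds passwords in clear text, so it is worth auditing. The following is an added example, not part of shellselect: a POSIX shell function that reads a file in the five-field format above and reports stored passwords, guessable ones, telnet entries and loose file permissions, without printing any password. The names audit_hosts and write_sample_hosts and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a shellselect-style hosts file
# (fields: ip label user protocol [password]). Passwords are never printed.
audit_hosts() {
    awk '
    NF < 4 { next }                     # skip blank or malformed lines
    {
        label = $2; user = $3; proto = $4
        if (proto == "telnet")
            print label ": telnet sends the login unencrypted"
        if (NF >= 5) {
            print label ": plaintext password stored for " user
            # Guessable: same as the user name, or one of the
            # passwords the article itself lists as common.
            if ($5 == user || $5 ~ /^(password|admin|foo|root)$/)
                print label ": password is trivially guessable"
        }
    }' "$1"
    # Any group/other read bit exposes every stored password.
    if [ -n "$(find "$1" \( -perm -040 -o -perm -004 \) 2>/dev/null)" ]; then
        echo "$1: readable by group or others"
    fi
}

# Constructed sample file; addresses, labels and passwords are made up.
write_sample_hosts() {
    cat > "$1" <<'EOF'
192.0.2.10 web1 root ssh root
192.0.2.11 db1 admin ssh Xk29vQ
192.0.2.12 jump deploy ssh
192.0.2.13 sw1 ops telnet ops
EOF
}

# Stand-alone use: sh audit.sh ~/prog/shellselect/hosts
[ "$#" -eq 0 ] || audit_hosts "$1"
```

Entries without a fifth field, like jump in the sample, produce no finding because ssh then asks for credentials in the normal way.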
Shellselect, the script
```bash
#!/bin/bash

# Append one hosts-file entry to the zenity list arguments.
ProcessLine() {
    line="$@"
    IP=$(echo $line | awk '{ print $1 }');
    HOST=$(echo $line | awk '{ print $2 }');
    USER=$(echo $line | awk '{ print $3 }');
    PROTOCOL=$(echo $line | awk '{ print $4 }');
    PASS=$(echo $line | awk '{ print $5 }');
    # "X" marks an entry without a stored password
    if [ "x$PASS" = "x" ]; then
        PASS="X"
    fi
    ZENITY_OPTIONS="$ZENITY_OPTIONS $PASS $IP $HOST $USER $PROTOCOL"
}

### Main ###
HOME=~                                  # your home directory (unquoted so ~ expands)
SSH="$HOME/bin/ssh"                     # patched ssh that accepts -W
FILE="$HOME/prog/shellselect/hosts"     # configuration file

ZENITY_GENERAL_OPTIONS="--title shellSelect --width 420"
ZENITY_OPTIONS="$ZENITY_GENERAL_OPTIONS --list --print-column ALL --hide-column 1 --column pass --column IP --column Host --column User --column Protocol"

# An alternative hosts file can be given as the first argument
if [ "$1" != "" ]; then
    FILE="$1"
    if [ ! -f $FILE ]; then
        echo "$FILE: does not exists"
        exit 1
    elif [ ! -r $FILE ]; then
        echo "$FILE: can not read"
        exit 2
    fi
fi

# Read $FILE using the file descriptors
exec 3<&0
exec 0<$FILE
COUNT_LINE=0
while read line; do
    ProcessLine $line
    COUNT_LINE=$(($COUNT_LINE + 1))
done
exec 0<&3

# Make zenity command
ZENITY_OPTIONS="$ZENITY_OPTIONS --height $((170 + ($COUNT_LINE - 1) * 26))"
ITEM=`zenity $ZENITY_OPTIONS | tr '|' ' '`

# Split the selected row back into its columns
PASSWORD=$(echo $ITEM | awk '{ print $1 }')
IP=$(echo $ITEM | awk '{ print $2 }')
HOST=$(echo $ITEM | awk '{ print $3 }')
USER=$(echo $ITEM | awk '{ print $4 }')
PROTOCOL=$(echo $ITEM | awk '{ print $5 }')

case $PROTOCOL in
    ssh|ssh2)
        if [ "$PASSWORD" = "X" ]; then
            $SSH $USER@$IP
        else
            $SSH $USER@$IP -W $PASSWORD
        fi
        ;;
    telnet)
        telnet $IP 23
        ;;
    *)
        echo "unknown protocol"
        ;;
esac
exit 0
```
The only parameters to set are HOME, SSH and FILE. HOME is your home directory, SSH is the path to the ssh executable (the patched one) that accepts the -W option, and FILE is the name of the configuration file.
4 Responses to "ssh / scp: password on command line and shellselect"
Nicholas Greek - February 5th, 2009
Great, compliments,
especially for the patch to OpenSSH,
Nicola
Gianluca - August 3rd, 2009
Hello, I'm sorry, but I installed openssh with your patch and the new -W option is there among the options, yet ssh asks me for the password anyway whether or not I use it, so either my installation is incorrect or what you described above does not work.
Feather - August 21st, 2009
The patch works with servers that use the ssh protocol version 2; the reason it does not work for you could be that the server you are trying to connect to only accepts version 1. Try running with the -v option and verify
that this line appears:
debug1: Remote protocol version 2.0
Another reason why it may ask you for the password could be that the server accepts "password" authentication, rather than using "keyboard-interactive". You can see this by reading the line
debug1: Authentications that can continue: publickey,password,keyboard-interactive
I wrote another patch to make sure it works in these two cases; it applies to ssh version openssh-5.2p1. So you should download the new ssh source and apply this patch:
http://www.piumalab.org/wp-content/uploads/openssh-5.2p1-shellselect.patch
Happy compiling.
Maryuano - April 27th, 2010
Great for creating bash scripts to automate work on different machines.
Great PiumaLab