With the help of sshpass, using ssh within your bash scripts is much easier.
How many times have you needed to use ssh within your Linux shell scripts, only to find working with passwords and/or ssh keys getting in the way of success? If that’s you, there’s an alternative you can employ to make your life a bit easier.
Said alternative is sshpass, which is a non-interactive ssh password provider. With this tool you can either include your password in the command (which isn’t advisable), or you can pass that string as an environment variable and use it whenever needed.
I’m going to show you how to install and use sshpass. This tool can be installed on most Linux distributions, but I’ll be demonstrating on Pop!_OS.
SEE: Choosing your Windows 7 exit strategy: Four options (TechRepublic Premium)
What you’ll need
A running instance of Linux
A user account with sudo privileges
A remote machine that accepts ssh connections
How to install sshpass
Since the sshpass tool is included with the standard repositories, the installation is quite simple. Log in to your Linux machine, open a terminal window, and issue the command:
sudo apt-get install sshpass -y
Once installed, you’re ready to go.
How to use sshpass
Using sshpass is actually quite easy. First, I will demonstrate how to make a connection which will include a password within the command. Say your user is olivia, your password is TechRepublic$2020, and you’re attempting to connect to a server at IP address 192.168.1.10. That command would be:
sshpass -p 'TechRepublic$2020' ssh email@example.com
You won’t be prompted for the password for the connection, as you passed it along with sshpass.
Of course, you’re not going to want to have that password displayed within the command. What if someone is looking over your shoulder? Instead, you can use the export command to save the password as an environment variable, like so:
With that password saved as a variable, you can now run the same command, without adding the password, like so:
sshpass -e ssh firstname.lastname@example.org
The connection will be made without interaction.
Or you could save the password in a file (a hidden one of course) and issue the command:
sshpass -f .sshpassfile ssh email@example.com
I would name the file something that obfuscates what the contents are, such as .penguin.conf or something along those lines.
The implications of using sshpass
Now that you know how to use sshpass, the implications of how it can be used are obvious. For example, say you need the output of the dh -f command from a remote server to be used within a bash script you’ve written. With the password saved as a variable, you could write a script like this:
#!/bin/bash OUTPUT=$(sshpass -f .sshpassfile ssh firstname.lastname@example.org 'df -h') echo $OUTPUT
You should see the output of the df -h command printed in the terminal.
And that’s the gist of using sshpass. To learn more about this handy tool, read the man page with the man sshpass command.