Date: Wed, 12 Jun 2002 14:14:56 +0000 From: Anthony Schneider <aschneid@mail.slc.edu> To: Peter Pentchev <roam@ringlet.net> Cc: twig les <twigles@yahoo.com>, Jack Xiao <jack_xiao99@hotmail.com>, freebsd-security@FreeBSD.ORG, Lowell Gilbert <lowell@world.std.com>, "Mark S." <mark@furball.net>, Derek Ragona <derek@computinginnovations.com> Subject: Re: ssh questions Message-ID: <20020612141456.A18932@mail.slc.edu> In-Reply-To: <20020612102406.C73294@straylight.oblivion.bg>; from roam@ringlet.net on Wed, Jun 12, 2002 at 10:24:06AM %2B0300 References: <OE39kl4AU1O6YalkXh3000015ab@hotmail.com> <20020612000355.11939.qmail@web10107.mail.yahoo.com> <20020612102406.C73294@straylight.oblivion.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
--DocE+STaALJfprDB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I've never had a problem sending passphrases to ssh via expect, personally. -Anthony. >=20 > BTW, have you actually tried this with SSH and/or sftp? I have no doubt > that it will work as far as the sending of commands, but there might be > a little problem concerning the authentication itself: SSH is really, > really picky about having the password or passphrase read from a > terminal, not from just any input stream. Thus, when Expect opens SSH, > attaching pipes to its standard input and output, SSH will refuse to > read a passphrase from its stdin and try to read it from the controlling > terminal instead. Since a cron-run process will have no controlling > terminal, SSH will exit with a message along the lines of 'you have no > controlling terminal, unable to read passphrase'. >=20 > Thus, even with Expect, one will need to setup some form of > empty-passphrase authentication for unattended SSH/scp/sftp connections. >=20 > G'luck, > Peter >=20 > --=20 > Peter Pentchev roam@ringlet.net roam@FreeBSD.org > PGP key: http://people.FreeBSD.org/~roam/roam.key.asc > Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 > If you think this sentence is confusing, then change one pig. --DocE+STaALJfprDB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj0HV18ACgkQ+rDjkNht5F0jwACdGuS0l31ur1NG+mFnky9FG9He OMEAn19XwbwW8mIwLnmNUGxzGpVEQ3VT =KQEt -----END PGP SIGNATURE----- --DocE+STaALJfprDB-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020612141456.A18932>