From owner-freebsd-security Wed Jun 12 6: 9:52 2002 Delivered-To: freebsd-security@freebsd.org Received: from slc.edu (weir-01c.slc.edu [207.106.89.46]) by hub.freebsd.org (Postfix) with ESMTP id D36C037B408 for ; Wed, 12 Jun 2002 06:09:43 -0700 (PDT) Received: (from aschneid@localhost) by slc.edu (8.11.6/8.11.6) id g5CEEuJ18954; Wed, 12 Jun 2002 14:14:56 GMT (envelope-from aschneid@mail.slc.edu) Date: Wed, 12 Jun 2002 14:14:56 +0000 From: Anthony Schneider To: Peter Pentchev Cc: twig les , Jack Xiao , freebsd-security@FreeBSD.ORG, Lowell Gilbert , "Mark S." , Derek Ragona Subject: Re: ssh questions Message-ID: <20020612141456.A18932@mail.slc.edu> References: <20020612000355.11939.qmail@web10107.mail.yahoo.com> <20020612102406.C73294@straylight.oblivion.bg> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="DocE+STaALJfprDB" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20020612102406.C73294@straylight.oblivion.bg>; from roam@ringlet.net on Wed, Jun 12, 2002 at 10:24:06AM +0300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --DocE+STaALJfprDB Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I've never had a problem sending passphrases to ssh via expect, personally. -Anthony. >=20 > BTW, have you actually tried this with SSH and/or sftp? I have no doubt > that it will work as far as the sending of commands, but there might be > a little problem concerning the authentication itself: SSH is really, > really picky about having the password or passphrase read from a > terminal, not from just any input stream. Thus, when Expect opens SSH, > attaching pipes to its standard input and output, SSH will refuse to > read a passphrase from its stdin and try to read it from the controlling > terminal instead. Since a cron-run process will have no controlling > terminal, SSH will exit with a message along the lines of 'you have no > controlling terminal, unable to read passphrase'. >=20 > Thus, even with Expect, one will need to setup some form of > empty-passphrase authentication for unattended SSH/scp/sftp connections. >=20 > G'luck, > Peter >=20 > --=20 > Peter Pentchev roam@ringlet.net roam@FreeBSD.org > PGP key: http://people.FreeBSD.org/~roam/roam.key.asc > Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 > If you think this sentence is confusing, then change one pig. --DocE+STaALJfprDB Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj0HV18ACgkQ+rDjkNht5F0jwACdGuS0l31ur1NG+mFnky9FG9He OMEAn19XwbwW8mIwLnmNUGxzGpVEQ3VT =KQEt -----END PGP SIGNATURE----- --DocE+STaALJfprDB-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message