Skip to content

Instantly share code, notes, and snippets.

@edtshuma

edtshuma/ssh-password.md

Forked from cmbaughman/ssh-password.md
Created October 17, 2022 06:37
Show Gist options
  • Save edtshuma/9088b7e4af8a4259b88cdaebd243dc9c to your computer and use it in GitHub Desktop.
Save edtshuma/9088b7e4af8a4259b88cdaebd243dc9c to your computer and use it in GitHub Desktop.
Download ZIP
SSH Passwords
Raw
ssh-password.md

How to set up passwordless ssh,scp, and rsync

Setup

  1. Install the application sshpass:
sudo apt install sshpass
  1. Make sure to set in your ~/.ssh/config file the following options to prevent ssh from using your pubkey:
PreferredAuthentications password
PubkeyAuthentication no
PasswordAuthentication yes
ServerAliveInterval 10
  1. Run the following command to create your new "sshpass" file with your ssh password.
echo yourpassword > .sshpass
  1. Encrypt the "sshpass" file with gpg:
gpg -c ~/.sshpass
  1. Remove original decrypted version of the file:
rm -rf ~/.sshpass

Usage

Using with an $SSHPASS environmental variable:

export $SSHPASS=your_password
sshpass -e ssh [email protected]

Using it with a .sshpass (or any named) file:

sshpass -f fileNameHere ssh user@server

Using it with GPG for encryption:

gpg -d -q .sshpass.gpg > fifo; sshpass -f fifo ssh user@server

Using it with rsync:

rsync --rsh="sshpass -e ssh -l username" server.example.com:/var/www/html/ /backup/

Misc

Here are some handy aliases for using a GPG encrypted password file:

alias ssh='gpg -d -q ~/.sshpasswd.gpg > fifo; sshpass -f fifo ssh'
alias scp='gpg -d -q ~/.sshpasswd.gpg > fifo; sshpass -f fifo scp'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment