04-06-2003, 12:25 PM
|
#1 |
|
Prospect
Join Date: Apr 2003
Location: Middle, Nowhere
Posts: 11
|
Logging in to SSH with AppleScript?
This isn't really a UNIX question, I suppose, but perhaps someone knows -- How does one connect to SSH, which requires a password to be entered after the SSH command is sent, with AppleScript?
I've tried stuff like: Code:
do shell script "ssh 127.0.0.1 -l user; password" Code:
do shell script "ssh 127.0.0.1 -l user" password "password" Code:
do shell script "ssh 127.0.0.1 -l user" do shell script "password"
__________________
iMac G3, 350 MHz, 192 MB RAM | Mac OS X.2 |
|
|
|
04-07-2003, 03:37 AM
|
#2 |
|
Major Leaguer
Join Date: Feb 2003
Location: Berkeley, CA
Posts: 270
|
The problem with all of these is that when you write:
do shell script 'command a; command b' this means 'do the first command and after it quits, do the second one'. That's why it isn't working. The system happily starts the ssh command, but waits for that to quit before doing the second command. I came across a mention of 'ssh-keygen', which looks like it will generate a authentication key which you can use instead of a password. I've never used it, but perhaps it might get you started in the right direction. Try 'man ssh-keygen' for more info. Good luck! 
|
|
|
|
|
04-07-2003, 05:33 AM
|
#3 |
|
All Star
Join Date: Jan 2002
Posts: 579
|
Why not just:
ssh server.com -l user -p password? v edit: ya it is for port, sorry about that. I was sure there was a flag for pass... uhmm Last edited by vonleigh; 04-07-2003 at 02:22 PM. |
|
|
|
|
04-07-2003, 07:14 AM
|
#4 |
|
Prospect
Join Date: Apr 2003
Location: Middle, Nowhere
Posts: 11
|
The -p option seems to be for port. Hmm :\
__________________
iMac G3, 350 MHz, 192 MB RAM | Mac OS X.2 |
|
|
|
|
04-07-2003, 12:34 PM
|
#5 |
|
Major Leaguer
Join Date: Feb 2003
Location: Berkeley, CA
Posts: 270
|
Do you know Perl at all? The Perl module Net::SSH::Perl looks like it'll do what you want it to do, which is pass it a host, username and password.
Let me know if you want more help with this. |
|
|
|
|
04-07-2003, 01:56 PM
|
#6 |
|
Prospect
Join Date: Apr 2003
Posts: 4
|
use authorized keys
As grrl_geek noted, ssh has the ability to authenticate via keyfiles. The combination of ssh-keygen and ssh-agent make life very, very easy, once you figure out how everything works.
I recommend using SSH Agent. It's easy to use, and it works like a charm. |
|
|
|
|
04-08-2003, 06:12 PM
|
#7 |
|
Prospect
Join Date: Apr 2003
Location: Middle, Nowhere
Posts: 11
|
hmm
I tried using ssh-keygen, but when I tell the ssh command to use the file that ssh-keygen created, it still requests my password. Am I missing a step?
Code:
ssh-keygen -t rca -N password -f temp.key ssh 127.0.0.1 -l user -i temp.key ---- Edit ---- The Perl module is not built in, and when I tried downloading and installing it, it ran for about 20 minutes and then once it had downloaded everything it needed it reported that the make failed. Wonderful. I guess I'd rather do it with the keys, but I don't understand how it works.
__________________
iMac G3, 350 MHz, 192 MB RAM | Mac OS X.2 Last edited by God of Muffins; 04-08-2003 at 09:02 PM. |
|
|
|
|
04-09-2003, 01:03 PM
|
#8 |
|
Major Leaguer
Join Date: Jan 2003
Location: Bay Area
Posts: 327
|
Yes, I think you're missing the step of putting your public key on the remote system.
Don't provide a filename for ssh-keygen -- let it put your keyfiles in the default location: [bmullins@archy bmullins]$ ls -l .ssh total 28 -rw-r--r-- 1 bmullins bmullins 850 Jan 18 11:09 authorized_keys -rw-r--r-- 1 bmullins bmullins 339 Mar 4 14:20 config -rw------- 1 bmullins bmullins 736 Jan 16 14:28 id_dsa -rw-r--r-- 1 bmullins bmullins 615 Jan 16 14:28 id_dsa.pub -rw------- 1 bmullins bmullins 951 Jan 16 14:56 id_rsa -rw-r--r-- 1 bmullins bmullins 235 Jan 16 14:56 id_rsa.pub -rw-r--r-- 1 bmullins bmullins 3608 Apr 2 09:22 known_hosts I've got two keypairs -- a RSA and a DSA. Start with the RSA and copy id_rsa.pub to ~/.ssh on the remote machine. Check the permissions -- 644 is okay for the public key file, .ssh itself should be 700. Then try your ssh login again. You should get prompted for your key's passphrase rather than your password. When you get that working you can start using ssh-agent, which will cache the decrypted key for you so that you only have to enter the passphrase once per login session. IBM has a great tutorial on ssh: http://www-106.ibm.com/developerwork...ry/l-keyc.html that will walk you through the steps. (That link is to the first article of three.) It finishes with a shell script that will allow you to leave your passphrase available across login sessions -- very cool if you're sure that your box is secure. Breen |
|
|
|
|
04-09-2003, 10:58 PM
|
#9 |
|
Major Leaguer
Join Date: Jan 2002
Location: Adelaide, South Australia
Posts: 470
|
I think you mean "copy your id_rsa.pub to the end of the file .ssh/authorized_keys (creating it if it doesn't exist", (not "copy your id_rsa.pub to .ssh). Definitely worth noting that each key has to be a *single line* within the authorized_keys file.
Cheers, Paul |
|
|
|
|
04-09-2003, 11:04 PM
|
#10 |
|
Major Leaguer
Join Date: Jan 2002
Location: Adelaide, South Australia
Posts: 470
|
Re the perl module mentioned above: looks like it hasn't been touched for a couple of years. (It's a pure perl implementation.) You might try having a look at
http://search.cpan.org/author/IVAN/Net-SSH-0.07/ which is a front end to some system calls. Installs fine in 10.2. Paul |
|
|
|
|
04-10-2003, 01:18 PM
|
#11 | |||||||||||||||||||
|
Major Leaguer
Join Date: Jan 2003
Location: Bay Area
Posts: 327
|
Right you are! Thanks for the catch. Breen |
|||||||||||||||||||
|
|
|
 |
|
|
Linear Mode
