disable open ssh dialog for password during ssh session

Question

Hi I am using NXclient (UNix/KDE) . I am running a python script where it is trying to create ssh session to another server and perform some automation task. Basically I am storing a password in variable and when SSH session asks for password I simply send the stored password. it work very well using putty.

PROBLEM: when I use above nxclient. each time a SSH session needs a password 'A GUI prompt appears asking for password which freezes the terminal and fails my script . I do not want to enter password in gui because the password is already stored in a variable which will be used .

I have attached following screen shot. How can i disable this please help. click for screen shot

[EDIT] section of code which does thatif password_prompt: child.sendline(getpass.getpass('Enter your windows password: ')) else : child.sendline(ssh_password) i = child.expect([os.path.basename(keyfile), pexpect.TIMEOUT])

You could switch to the more secure [public/private key authentication](https://help.ubuntu.com/community/SSH/OpenSSH/Keys) — jDo, Apr 14 '16 at 19:45

score 0 · Answer 1 · answered Apr 14 '16 at 20:32

Well, you have a few options:

Currently your keys are added into ssh-agent with -c option which brings the confirmation dialog asking you to type yes each time a particular key is used. You may remove that -c option from your session startup scripts or change ssh-agent from the default OpenSSH Ssh-Agent to a more fancy (but perhaps less secure) variant which would allow you to store keys only for a session or somehow else etc
Completely disable usage of ssh-agent and supply the passphrase from terminal by unset SSH_AUTH_SOCK environment variable. Be prepared that passphrases can't be read from STDOUT, they require usage of TTYs to handle input (check pexpect)
Switch to passphrase-less keys. In case of keys dedicated to a robot this doesn't seem like a major secure breach owing to the fact that you're going to store the passphrase in plain-text. But probably it'd be better to configure

What do you mean by "Currently your keys are added into ssh-agent with -c option" . Where is session startup script? — Ashish Kumar, Apr 15 '16 at 18:33
This depends on the distribution you currently use. Mine adds keys upon startup from a script in `/etc/profile.d/` — user3159253, Apr 19 '16 at 15:09
Or you may simply re-add the key without `-c` option to avoid unnecessary confirmation with `ssh-add` — user3159253, Apr 19 '16 at 15:11

score 0 · Answer 2 · answered Apr 19 '16 at 22:48

0

Actually there is another environmenmt variable called DISPLAY . unsetting both DISPLAY and SSH_ASKPASS helped me solve this

answered Apr 19 '16 at 22:48

Ashish Kumar

126
11

disable open ssh dialog for password during ssh session

2 Answers2