Discussion:
Returned post for secureshell@securityfocus.com
(too old to reply)
Jannik Sundø
2010-04-19 13:16:46 UTC
Permalink
Hi all,

I'm writing a script which will log into a list of servers if they have public/private keypairs set up. If a server doesn't, I want the script to move on to the next server rather than wait at a password prompt.

I'm using OpenSSH version 5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007 on both client and server.

I'm using this command:

ssh ***@IP -o PasswordAuthentication=no KbdInteractiveAuthentication=no

This works for most servers, but not all (on some of them the script halts at a password prompt). I suspect those servers may run an older version of SSH which doesn't support the options I'm providing. Any ideas? Thanks for any help.

Jannik
e***@amhran.net
2010-04-20 20:18:51 UTC
Permalink
Post by Jannik Sundø
I'm writing a script which will log into a list of servers if they
have public/private keypairs set up. If a server doesn't, I want the
script to move on to the next server rather than wait at a password
prompt.
Found elsewhere on the web and modified.... in bash,

( ssh ***@IP -o PasswordAuthentication=no KbdInteractiveAuthentication=no
) & sleep 5 ; kill $!

Assuming whatever you're doing on the list of servers will take 5 seconds
to complete and continue.. if not, replace the 5 in the sleep with however
long it will take to complete the task.

If it hangs at a password prompt, it'll only hang for the sleep timer and
then continue on.
Derek Martin
2010-04-20 01:44:30 UTC
Permalink
Post by Jannik Sundø
I'm writing a script which will log into a list of servers if they
have public/private keypairs set up. If a server doesn't, I want the
script to move on to the next server rather than wait at a password
prompt.
You might also try BatchMode=yes, though I would expect if the above
doesn't work, that wouldn't either. Worth a shot maybe.
--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D
Salvador Fandino
2010-04-21 08:18:57 UTC
Permalink
Post by Jannik Sundø
Hi all,
I'm writing a script which will log into a list of servers if they have public/private keypairs set up. If a server doesn't, I want the script to move on to the next server rather than wait at a password prompt.
I'm using OpenSSH version 5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007 on both client and server.
This works for most servers, but not all (on some of them the script halts at a password prompt). I suspect those servers may run an older version of SSH which doesn't support the options I'm providing. Any ideas? Thanks for any help.
try

ssh ***@IP -o PreferredAuthentications=publickey $command


And if you can write Perl, check also the Net::OpenSSH and
Net::OpenSSH::Parallel modules.

http://search.cpan.org/~salva/Net-OpenSSH-0.47/lib/Net/OpenSSH.pm
http://search.cpan.org/~salva/Net-OpenSSH-Parallel-0.06/lib/Net/OpenSSH/Parallel.pm

- Salva
Jannik Sundø
2010-04-21 11:59:49 UTC
Permalink
This worked, thanks a lot! :)
Post by Salvador Fandino
Post by Jannik Sundø
Hi all,
I'm writing a script which will log into a list of servers if they have public/private keypairs set up. If a server doesn't, I want the script to move on to the next server rather than wait at a password prompt.
I'm using OpenSSH version 5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007 on both client and server.
This works for most servers, but not all (on some of them the script halts at a password prompt). I suspect those servers may run an older version of SSH which doesn't support the options I'm providing. Any ideas? Thanks for any help.
Jannik
try
- Salva
Jannik Sundø
Junior Network Engineer
Sohonet Limited http://www.sohonet.co.uk
Registered no. 3132110 England/Wales
t: +44 (0)20 7292 6900
f: +44 (0)20 7292 6901

24/7 support:
UK: +44 (0)20 7292 6909
US: +001 310 449 8610
AU: 1800 77 5280

The information in this email may contain confidential and/or privileged material. Any copying, dissemination or other use by any person other than the intended recipient is prohibited. If you have received this email in error, please contact the sender and delete the material from your computer. Thank you.
Jannik Sundø
2010-04-21 12:01:06 UTC
Permalink
The PreferredAuthentications=publickey option worked, but thanks for this tip as well. :)
Post by e***@amhran.net
Post by Jannik Sundø
I'm writing a script which will log into a list of servers if they
have public/private keypairs set up. If a server doesn't, I want the
script to move on to the next server rather than wait at a password
prompt.
Found elsewhere on the web and modified.... in bash,
) & sleep 5 ; kill $!
Assuming whatever you're doing on the list of servers will take 5 seconds
to complete and continue.. if not, replace the 5 in the sleep with however
long it will take to complete the task.
If it hangs at a password prompt, it'll only hang for the sleep timer and
then continue on.
Jannik Sundø
Junior Network Engineer
Sohonet Limited http://www.sohonet.co.uk
Registered no. 3132110 England/Wales
t: +44 (0)20 7292 6900
f: +44 (0)20 7292 6901

24/7 support:
UK: +44 (0)20 7292 6909
US: +001 310 449 8610
AU: 1800 77 5280

The information in this email may contain confidential and/or privileged material. Any copying, dissemination or other use by any person other than the intended recipient is prohibited. If you have received this email in error, please contact the sender and delete the material from your computer. Thank you.
Jannik Sundø
2010-04-21 12:12:38 UTC
Permalink
Hi Derek,

This one worked nicely. Didn't see that one in the ssh_config man. Thanks.

Jannik
Post by Derek Martin
Post by Jannik Sundø
I'm writing a script which will log into a list of servers if they
have public/private keypairs set up. If a server doesn't, I want the
script to move on to the next server rather than wait at a password
prompt.
You might also try BatchMode=yes, though I would expect if the above
doesn't work, that wouldn't either. Worth a shot maybe.
--
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D
Jannik Sundø
Junior Network Engineer
Sohonet Limited http://www.sohonet.co.uk
Registered no. 3132110 England/Wales
t: +44 (0)20 7292 6900
f: +44 (0)20 7292 6901

24/7 support:
UK: +44 (0)20 7292 6909
US: +001 310 449 8610
AU: 1800 77 5280

The information in this email may contain confidential and/or privileged material. Any copying, dissemination or other use by any person other than the intended recipient is prohibited. If you have received this email in error, please contact the sender and delete the material from your computer. Thank you.
Loading...