How to install sshpass to make using ssh in shell scripts even easier

With the help of sshpass, using ssh within your bash scripts is much easier.

How many times have you needed to use ssh within your Linux shell scripts, only to find working with passwords and/or ssh keys getting in the way of success? If that's you, there's an alternative you can employ to make your life a bit easier. 

Said alternative is sshpass, which is a non-interactive ssh password provider. With this tool you can either include your password in the command (which isn't advisable), or you can pass that string as an environment variable and use it whenever needed.

I'm going to show you how to install and use sshpass. This tool can be installed on most Linux distributions, but I'll be demonstrating on Pop!_OS.

SEE: Choosing your Windows 7 exit strategy: Four options (TechRepublic Premium)

What you'll need

  • A running instance of Linux

  • A user account with sudo privileges

  • A remote machine that accepts ssh connections

How to install sshpass

Since the sshpass tool is included with the standard repositories, the installation is quite simple. Log in to your Linux machine, open a terminal window, and issue the command:

sudo apt-get install sshpass -y

Once installed, you're ready to go.

How to use sshpass

Using sshpass is actually quite easy. First, I will demonstrate how to make a connection which will include a password within the command. Say your user is olivia, your password is TechRepublic$2020, and you're attempting to connect to a server at IP address 192.168.1.10. That command would be:

sshpass -p 'TechRepublic$2020' ssh olivia@192.168.1.10

You won't be prompted for the password for the connection, as you passed it along with sshpass. 

Of course, you're not going to want to have that password displayed within the command. What if someone is looking over your shoulder? Instead, you can use the export command to save the password as an environment variable, like so:

export SSHPASS='TechRepublic$2020'

With that password saved as a variable, you can now run the same command, without adding the password, like so:

sshpass -e ssh olivia@192.168.1.10

The connection will be made without interaction.

Or you could save the password in a file (a hidden one of course) and issue the command:

sshpass -f .sshpassfile ssh olivia@192.168.1.10

I would name the file something that obfuscates what the contents are, such as .penguin.conf or something along those lines.

The implications of using sshpass

Now that you know how to use sshpass, the implications of how it can be used are obvious. For example, say you need the output of the dh -f command from a remote server to be used within a bash script you've written. With the password saved as a variable, you could write a script like this:

#!/bin/bash
OUTPUT=$(sshpass -f .sshpassfile ssh olivia@192.168.1.10 'df -h')
echo $OUTPUT

You should see the output of the df -h command printed in the terminal.

And that's the gist of using sshpass. To learn more about this handy tool, read the man page with the man sshpass command.

Also see

linuxadminhero.jpg

Image: Jack Wallen