login about faq

How do I use non-interactive password authentication with Tectia products? In other words, how can I use password authentication with no user interaction?

asked Dec 22 '10 at 15:23

SSH%20KB's gravatar image

SSH KB ♦
509249246237


Tectia Client offers the capability to use password authentication without any user interaction. The password can be entered directly on the command line or it can be read from a password file. Reading the password from a file is recommended. Supplying the password on the command line is VERY insecure. In a multi-user environment, the password is trivial to recover from the process table.

Entering a password directly on the command line

The password can be entered directly on the command line with the command-line option --password=. The following configuration options should be entered to the client configuration file (ssh2_config) or directly on the command line.
BatchMode=yes
AuthPassword.AllowFromCommandLine=yes

Example of displaying the remote host's hostname

$ssh2 -obatchmode=yes -oauthpassword.allowfromcommandline=yes --password=tewstpasswd testuser@testhost hostname

warning: Supplying the password on the command line is VERY insecure. In
warning: a multi-user environment, the password is trivial to recover
warning: from the process table. You should set up a more secure way to
warning: authenticate. "publickey" authentication with ssh-agent,
warning: certificates, "hostbased" authentication and "gssapi" can all
warning: provide non-interactive authentication in a secure way. Even
warning: private keys with no passphrases are much more secure than a
warning: password on the command line. At the minimum, use
warning: --password=file://, with the file having 0600
warning: permissions (or -rw------- in ls) to store the password. This
warning: has much more security than supplying the password in the clear
warning: on the command line.
Authentication successful.
testhost.testdomain.com
$

Using a password from a password file

The password can be read from a file with the command-line option --password=file://name_of_the_file. The following configuration option should be entered to the client configuration file (ssh2_config) or directly on the command line.
BatchMode=yes
The password file should be created in the current working directory. The file should contain only the target user's password. On Unix, this file must have the permissions 0600, and must be owned by the user running ssh2. This can be accomplished by setting the umask to 066 before creating the file, or by running
$ rm pass_file
$ touch pass_file
$ chmod 0600 pass_file
and then editing the file to add the password. On Windows, use Windows Explorer and select Properties > Security or use the command-line tool cacls.exe to modify the password file permissions so that only the current user and SYSTEM can access the file.

Example of displaying the remote host's hostname

$ ls -l pass_file 
rw-------      1       testuser           testgroup                  12 Nov 24 11:11           pass_file
$ 

$ cat pass_file 
testpasswd
$ 

$ ssh2 -obatchmode=yes --password=file://pass_file testuser@testhost hostname
Authentication successful.
testhost.testdomain.com
$

-
link

answered Dec 22 '10 at 15:26

Alan%20-%20Tectia%20Support's gravatar image

Alan - Tectia Support ♦
236335

Im gettina error ssh2 command is not found and if i try with ssh it says Permission denied (publickey,password,keyboard-interactive).

link

answered Jun 09 '14 at 10:49

sudhams's gravatar image

sudhams
1

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×38
×17
×5
×3

Asked: Dec 22 '10 at 15:23

Seen: 14,587 times

Last updated: Jun 09 '14 at 10:49

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.