4

I have a script with ssh commands that are using a jump host:

scp -J user@jump file admin@server
ssh -J user@jump admin@server "touch hello"

I would like to ask for the passwords only once and tried sshpass:

sshpass -p "PasswordForJump" scp -J user@jump file admin@server

This will only ask the password for admin@server. However, since there are two ssh/scp commands, I still have to enter the admin password twice.

I tried to nest the sshpass but the script is blocked:

sshpass -p "PasswordForJump" sshpass -p "PasswordForServer" ssh -J user@jump admin@server

Naively I have tried to set the two passwords in a file (one per line) by expecting sshpass to use one after the other but this fail too.

Can I use sshpass to supply two passwords ?

gervais.b
  • 141
  • 1
  • 3
  • Why you don't use `ssh-coy-id'' to connect passwordless? Then you can copy files [with pipes](https://unix.stackexchange.com/a/610135/209677) – Pablo Bianchi Nov 23 '21 at 17:50

2 Answers2

0

I got it to work with the proxy command:

> sshpass -p serverpassword ssh -oProxyCommand="sshpass -p gatewaypassword ssh -W %h%p uname@gatwayserver" uname@targetserver
kaminsknator
  • 101
  • 2
0
env SSHPASS="JUMP_PASSWORD" \
  sshpass -d 123 ssh \
    -o ProxyCommand="sshpass -e ssh -W %h:%p JUMP_USER@JUMP_HOST" \
  TARGET_USER@TARGET_HOST \
  123<<<TARGET_PASSWORD

The above example is from my answer to a similar question in StackExchange: https://unix.stackexchange.com/questions/597351/sshpass-with-ssh-j-jump-host/668489#668489

This example is more secure that using the sshpass -p option to pass in the password. Using the -p argument allows the password to be seen in the system process list. Using a combination of -e and -d will avoid that from occurring.

Russell E Glaue
  • 101
  • 3
  • this proposition is interesting, but the question is about the use of scp not ssh. And with scp you can't use ProxyCommand. – Nico Nov 11 '22 at 11:18
  • "the question is also about the use of scp not only ssh" – Nico Nov 11 '22 at 11:25