Pass SCP User passward in shell program

michaelyu33 · 03-17-2005, 04:51 PM

Need help on pass the SCP user passward in shell program. I have a sample shell program test1.sh and it contains the following:

WRK_FILE=/home/oracle/exp/test.dmp

if [ -e ${WRK_FILE} ];
then
scp ${WRK_FILE} oracle@dataserver.pender.com:/home/oracle/data
###How do I pass the Oracle OS user password in the shell program
fi

Any thoughts!!!
Thanks and have a great day

Tinkster · 03-17-2005, 06:59 PM

Hi, and welcome to LQ!

May I suggest that you use password-less logins for ssh
instead of trying to put a password into the script?

public key authentication with ssh

Cheers,
Tink

michaelyu33 · 03-18-2005, 08:15 AM

Thank you so much. In our case, we must use password authentication. Because I am transfer data from one production server to another server. Security is the top priority. Is there a way in Shell to solve those kind of problems?

Tinkster · 03-18-2005, 12:15 PM

Let's put it that way ... if an attacker will be able to get
the Public-Key-Pairs of the machines he'll be able to
get the password from the script as well. If the boxes
are locked-down via firewalls to the outside world, and
have good security measures physically having the
password in a file is no safer than the public key pair
method.

[edit]
If you're adamant that Public Keys are not an option,
have a look at Perl and get Net::SCP::Expect from CPAN.

Personally I'd prefer the public-key method because
that way the attacker won't be able to figure out how
you chose passwords as a rule of thumb. Reconsider
your approach :) ... should I ask another mod to move
this thread to the security forum instead? I don't think
that the scripting should be your primary concern here.
[/edit]

Cheers,
Tink