Return-Path: Delivered-To: apmail-felix-users-archive@minotaur.apache.org Received: (qmail 90234 invoked from network); 16 Feb 2011 19:53:07 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 16 Feb 2011 19:53:07 -0000 Received: (qmail 43070 invoked by uid 500); 16 Feb 2011 19:53:06 -0000 Delivered-To: apmail-felix-users-archive@felix.apache.org Received: (qmail 42989 invoked by uid 500); 16 Feb 2011 19:53:06 -0000 Mailing-List: contact users-help@felix.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@felix.apache.org Delivered-To: mailing list users@felix.apache.org Delivered-To: moderator for users@felix.apache.org Received: (qmail 40046 invoked by uid 99); 16 Feb 2011 19:51:43 -0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Message-ID: <4D5C2AAA.7030400@daniel-faber.de> Date: Wed, 16 Feb 2011 20:51:06 +0100 From: Daniel Faber User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101208 Lightning/1.0b2 Mnenhy/0.8.3 Thunderbird/3.1.7 Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=_neon.leptonite.de-16014-1297885870-0001-2" To: users@felix.apache.org Subject: Re: Any way to login karaf sshd non-interactively? References: In-Reply-To: X-Enigmail-Version: 1.1.2 Mail-Followup-To: users@felix.apache.org X-Virus-Checked: Checked by ClamAV on apache.org --=_neon.leptonite.de-16014-1297885870-0001-2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 16.02.2011 09:32, Forrest Xia wrote: > Current karaf sshd feature allow user to login karaf shell via ssh clie= nt, > but it requires password to authenticate? Is there a way to make the fe= ature > like popular ssh server that authentication is via ssh certificate file= , no > password prompt? I don't know karaf, but if I understand your question correctly, karaf provides a ssh server that only supports password authentication but you want to login in a non-interactive way. It is possible to do non-interactive ssh password logins with a tool called sshpass. In ubuntu the package is also calles sshpass. =46rom man page: sshpass is a utility designed for running ssh using the mode referred to as "keyboard-interactive" password authentication, but in non-interactive mode. ssh uses direct TTY access to make sure that the password is indeed issued by an interactive keyboard user. Sshpass runs ssh in a dedicated tty, fooling it into thinking it is getting the password from an interactive user. This is what you want, isn't it? You can provide the password to sshpass via a file, stdin or just on the command line. Daniel --=_neon.leptonite.de-16014-1297885870-0001-2 Content-Type: application/pgp-signature; name="signature.asc" Content-Transfer-Encoding: 7bit Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk1cKq4ACgkQiahpYzN1Zhk75QCeMXI28nSMCjzyxwSiTB/hjKK5 AhEAnRBNusjWHzn5SYT9F1i+1BA3mx1m =67h+ -----END PGP SIGNATURE----- --=_neon.leptonite.de-16014-1297885870-0001-2--