How to specify password in ssh command

Question

From the terminal I type: ssh user@ip and then it prompts for a password.
Is there a way to specify the password in the ssh command itself?

Answer 1

Use sshpass, one of two forms:

sshpass -ffilename ssh user@ip   # prefer this
sshpass -pPa5sw0rd ssh user@ip   #  avoid this

where your password is in the first line of the file filename or it is literally Pa5sw0rd. Notes:

• In the manual there is no space after -p or -f, but at least sshpass 1.06 in my Debian 10 allows it; your sshpass may or may not.
• If your password contains characters your shell will interpret (like $, ' or ;) then you should quote it properly in the command line (but not in the file).
• Avoid -p, prefer -f. Use chmod 600 filename to make the file private (root will still be able to access it though). Read about security considerations in the manual.

Answer 2

The correct way to do this, is to switch from password authentication to a public/private key pair. This typically needs no reconfiguration at all and is quite easy.

Step 1: If you do not have a key, create one: ssh-keygen will do that for you

Step 2: Authorize this key on the remote host: Run ssh-copy-id user@ip once, using your password

Step 3: From now on ssh user@ip will no longer ask for your password

Answer 3

While this might be a ´workarround you can get the job of logging in fast done pretty easily by pasting the password in your clipboard and paste it when prompted. In a batchfile on windows this would look something like this:

clip <your-password>
ssh <user>@<server>

When you run the script just hit Ctrl + V and you're in.

Answer 4

Here's a solution that uses clarkwang/passh. It works on macOS (tested on 13.4.1) as well as Linux, FreeBSD, OpenWRT and some others.

Download & compile

Precompiled binaries don't exist at this time, but just a few commands get it installed:

git clone https://github.com/clarkwang/passh && cd passh
cc -o passh passh.c
cp passh /usr/local/bin

Use

passh -c1 -C -t10 -T -p hunter2 ssh -t user@host 'echo $HOSTNAME'

Options explained

• -c1 only make 1 attempt at password login
• -C exit if password login fails
• -t10 means timeout after 10 seconds
• -T exit if timeout occurs
• -p specifies the password to input

Other options

expect

Here's an answer that uses expect. I prefer passh because it doesn't require a HEREDOC or separate script, and works on embedded platforms like OpenWRT that don't always ship with expect.

sshpass

sshpass was removed from Homebrew (edit: seems to have returned) and is a bit convoluted to install on macOS. The passh author has also documented some details explaining why it's broken at passh/sshpass-broken.md.

Answer 5

I encountered the same problem. When I checked all the open-source projects, I didn't find a suitable tool, so I wrote one and compile to binary autossh. In Unix systems, it uses passh to login with password, and in Windows, it uses putty.exe.

You can use it to record, restore, and log in to remote servers. When using it, don't forget to set the environment variable ASKEY to protect the password.

add

❯ autossh add -u idhyt -p password -i 1.2.3.4 -n ubuntu
+-------+--------+-------+---------+------+
| index | name   | user  | ip      | port |
+=======+========+=======+=========+======+
| 1     | ubuntu | idhyt | 1.2.3.4 | 22   |
+-------+--------+-------+---------+------+

add other server info by -N/--note option, like -N "expired at 2022-11-11"

note! the password need to be escaped if there are special characters in it. you can refer to the following which-characters-need-to-be-escaped-when-using-bash

remove/rm/delete/del

❯ autossh rm -i 1
+-------+------+------+----+------+
| index | name | user | ip | port |
+-------+------+------+----+------+

remove multiple records by rm -i 1 2 3 ...

list/ls/l

❯ autossh ls
+-------+--------+-------+---------+------+
| index | name   | user  | ip      | port |
+=======+========+=======+=========+======+
| 1     | ubuntu | idhyt | 1.2.3.4 | 22   |
+-------+--------+-------+---------+------+

maybe scp something, add option parameter -a/--all to show password.

❯ autossh ls --all
+-------+--------+-------+---------+------+----------+
| index | name   | user  | ip      | port | password |
+=======+========+=======+=========+======+==========+
| 1     | ubuntu | idhyt | 1.2.3.4 | 22   | password |
+-------+--------+-------+---------+------+----------+

login

❯ autossh login -i 1
(idhyt@1.2.3.4) Password:
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-156-generic x86_64)

in windows, you need download putty.exe and place in the same directory as the tool.

backup or restore

the record file is location $HOME/.autossh.toml, you can change and backup it.

if you don't know the location, you can use the debug mode command to find it.

❯ RUST_LOG=DEBUG autossh list
[2024-06-19T10:04:22Z DEBUG  autossh::ssh::record] the record data located in `/home/idhyt/.autossh.toml`

security

the password fields is plaintext by default,

if you wish to encrypt it, import environment variables ASKEY before use.

export ASKEY="SecretKey" in bash or set ASKEY="SecretKey" in cmd.

❯ export ASKEY="protected"
❯ autossh add -u idhyt -p password -i 1.2.3.4 -n ubuntu
> autossh list --all
+-------+--------+-------+---------+------+----------+
| index | name   | user  | ip      | port | password |
+=======+========+=======+=========+======+==========+
| 1     | ubuntu | idhyt | 1.2.3.4 | 22   | password |
+-------+--------+-------+---------+------+----------+
❯ cat ~/.autossh.toml | grep password
password = "IiaMr0ce4iKF5AvXf+rtFQ9mET0Ug4hLOoGeybzyOQx/lUvh"