
Re: [OT] ssh remote command execution without public keys.



On Fri, Sep 05, 2003 at 03:05:22PM +0200, Alex Polite wrote:
> I have ssh access to a server (A) where public key authentication is not
> allowed. I want to access information on (A) from a cron script on
> server (B).
> 
> I figure there must be a way to wrap ssh in a script that takes the
> password in clear text as one argument. It's probably heresy to a lot
> of people but I'm sure it can be done. And if the file permissions are
> set right I don't see why it should be any less secure than public
> keys with empty pass phrases.
> 
> But how is it done?

Look at 'expect'. This can fake up a terminal that you could use to feed
a password to ssh.

The reason why schemes like this are less secure than public keys with
empty passphrases is that you can set up .ssh/authorized_keys so that
public keys are forced to be able to run only a single command. This
makes single-purpose keys feasible and reasonably secure as long as the
script at the other end is prepared for hostile input. In your case,
though, there's no way to restrict the set of commands that an attacker
who compromises (B) can execute on (A) beyond how you could restrict any
local user. You might get away with it if you were sshing to a
special-purpose user with a restricted shell, maybe; but eww.

If I were you I'd definitely ask the administrator of (A) to enable
public key authentication.

Cheers,

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
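
The single-command key restriction described in the reply above, sketched as an added example that is not part of the original message: a wrapper on (A) that treats the client's request as hostile input. The wrapper path, the two action names and the key placeholder are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original message. Forced-command wrapper for a
# single-purpose key on server (A). Path, action names and key are assumptions.
#
# ~/.ssh/authorized_keys on (A), one line (key material is a placeholder):
#   command="/usr/local/bin/info-wrapper",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa <PUBLIC-KEY-PLACEHOLDER> cron@B
#
# sshd runs the wrapper whatever the client asked for, and exposes the
# client's requested command line in SSH_ORIGINAL_COMMAND.

# Accept only exact, known request strings. The request is compared as
# data and never passed to eval, sh -c or an unquoted expansion.
select_action() {
    case "$1" in
        disk-usage|kernel) printf '%s\n' "$1" ;;
        *) return 1 ;;
    esac
}

# Run the fixed command behind an action name; no client text reaches it.
run_action() {
    case "$1" in
        disk-usage) df -P / ;;
        kernel)     uname -sr ;;
        *)          return 1 ;;
    esac
}

wrapper_main() {
    action=$(select_action "${SSH_ORIGINAL_COMMAND:-}") || {
        echo "request rejected" >&2
        return 1
    }
    run_action "$action"
}

# Only act when sshd supplied a request; a bare login with this key
# falls through and the session ends without a shell.
if [ "${SSH_ORIGINAL_COMMAND+set}" = set ]; then
    wrapper_main
    exit $?
fi
```

With this in place the cron job on (B) would run something like `ssh user@A kernel`, and any other request string is refused before a command is chosen.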


