1 |
On Thursday, 14 July 2022 23:22:46 CEST Steve Wilson wrote: |
2 |
> On 14/07/2022 07:35, J. Roeleveld wrote: |
3 |
> > Hi All, |
4 |
> > |
5 |
> > I am looking for a way to login to a host and automatically change to root |
6 |
> > using a password provided by an external program. |
7 |
> > |
8 |
> > The root passwords are stored in a vault and I can get passwords out using |
9 |
> > a script after authenticating. |
10 |
> > |
11 |
> > Currently, I need to do a lot of the steps manually: |
12 |
> > ssh <user>@<host> |
13 |
> > su - |
14 |
> > (copy/paste password from vault) |
15 |
> > |
16 |
> > I would like to change this to: |
17 |
> > <some-script> <host> |
18 |
> > |
19 |
> > Does anyone have any hints on how to achieve this without adding a |
20 |
> > "NOPASSWD" entry into /etc/sudoers ? |
21 |
> > |
22 |
> > Thanks in advance, |
23 |
> > |
24 |
> > Joost |
25 |
|
26 |
> Have you looked at dev-tcltk/expect? |
27 |
> |
28 |
> There's possibly an example you could try at |
29 |
> <https://www.journaldev.com/1405/expect-script-ssh-example-tutorial> |
30 |
> although you probably want to prompt for the password or retreive it |
31 |
> programatically rather than putting it on the command line :o |
32 |
> |
33 |
> Steve. |
34 |
> |
35 |
|
36 |
This looks promising. Will have a look to see if this can be made to work. |
37 |
I will need to find a way to get the password programmatically inside the |
38 |
script as I will not put it on the commandline and definitely not hard-coded |
39 |
in a script. |
40 |
|
41 |
-- |
42 |
Joost |