I am trying to run the following command in karate using karate.fork
ssh -o ProxyCommand="ssh -W %h:%p -i ~/.ssh/id_rsa root#myjumphost" -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no -o PasswordAuthentication=no root#finaldest echo test
I have broken this up into an array to pass to karate.fork like so:
[
ssh,
-o,
ProxyCommand="ssh -W %h:%p -i ~/.ssh/id_rsa root#myjumphost",
-i,
~/.ssh/id_rsa,
-o,
StrictHostKeyChecking=no,
-o,
PasswordAuthentication=no,
root#finaldest,
echo test
]
Then run the command like so:
* karate.fork(args) where args is the array mentioned above
The command works when I paste it into the terminal and run it manually, however when run with karate.fork I get
zsh:1: no such file or directory: ssh -W finaldest:22 -I ~/.ssh/id_rsa root#myjumphost
kex_exchange_identification: Connection closed by remote host
I have tried adding a few backslashes before the " in the ProxyCommand but no amount of back slashes fixes this issue. I think I am misunderstanding what karate.fork is doing to run the command, is there some internal parsing or manipulating of the given input? I was able to get this command to work when I used useShell: true however this option breaks other tests for me so I would really like to avoid it.
I had to remove the double quotes, seems like they didn't play well with karate.fork and the command still runs without them
[
ssh,
-o,
ProxyCommand=ssh -W %h:%p -i ~/.ssh/id_rsa root#myjumphost,
-i,
~/.ssh/id_rsa,
-o,
StrictHostKeyChecking=no,
-o,
PasswordAuthentication=no,
root#finaldest,
echo test
]
I wanted to change the title of the window using the command as described here over SSH, however I kept get getting the error:
033]sh: Hello: command not found
Connection to host closed.
with the command:
ssh.exe user#host -t 'echo -en "\033];Hello World\007"'
No matter how I try to escape them, it seems to somehow return error. Tried:
ssh.exe user#host -t 'echo -en "\\033];Hello World\\007"'
ssh.exe user#host -t "echo -en \'\\033];Hello World\\007\'"
Any idea how to fix this?
On my linux server I run the command:
sshpass -p 'password' rsync -avz /source/folder/ root#192.168.x.x:/dest/folder
When I run the command without sshpass it will provide me with prompts for authenticity of host and the password.
I need some equivalent to "-o StrictHostKeyChecking=no" (which I use for ssh) that will allow me to run this with no prompts or errors.
Everything I saw from googling was about ssh throwing the error not rsync.
If you want to connect to new server, which public key is not yet in your ~/.ssh/knonwn_hosts, you should not skip this only security check, but rather store the server host key in the known_hosts manually, verify that it is correct and then make the automatic check working.
Simplest way to get the known hosts populated with the server host key is using
ssh-keyscan server-ip >> ~/.ssh/known_hosts
After that, you should not need to use the StrictHostKeyChecking=no workaround.
This is the right command without output errors:
sshpass -p "yourpassword" rsync -rvz -e 'ssh -o StrictHostKeyChecking=no -p 22' --progress root#111.111.111.111:/backup/origin /backup/destination/
I found the following command at cyberciti. This allowed me to do exactly what I needed.
$ rsync --rsh="sshpass -p myPassword ssh -o StrictHostKeyChecking=no -l username" server.example.com:/var/www/html/ /backup/
In some cases sshpass attempts find "assword" as the default password prompt indicator. But rsync can return similar string:
Enter passphrase for key '/home/user/.ssh/private_user_key':
So, try to add '-P' parameter:
sshpass -p "yourpassword" -P 'Enter passphrase for key' rsync 111.111.111.111:/backup/origin /backup/destination/
Path to your private key you can set in /home/user/config or set with -e parameter like that:
sshpass -p "yourpassword" -P 'Enter passphrase for key' rsync -e 'ssh -i /home/user/.ssh/private_user_key' 111.111.111.111:/backup/origin /backup/destination/
More inf about default password prompt indicator:
$ sshpass -V
sshpass 1.06
(C) 2006-2011 Lingnu Open Source Consulting Ltd.
(C) 2015-2016 Shachar Shemesh
This program is free software, and can be distributed under the terms of the GPL
See the COPYING file for more information.
Using "assword" as the default password prompt indicator.
Setup:
Local *nix machine with a SQL script script.sql (Postgres).
Remote machine remote (Debian 7) with Postgres.
I can SSH in as some_user, who is a sudoer.
Anything with Postgres needs to be done as postgres user.
The server only listens on localhost:5432.
How do I execute script.sql on remote without copying it there first?
This works well:
ssh -t some_user#remote 'sudo -u postgres psql -c "COMMANDS FOO BAR"'
The -t flag means that sudo will ask for some_user's password correctly on the local terminal.
One thing remains, to be able to pipe script.sql to psql. This does not work:
ssh -t some_user#remote 'sudo -u postgres psql' < script.sql
It fails with the message:
Pseudo-terminal will not be allocated because stdin is not a terminal.
sudo: no tty present and no askpass program specified
Edit: simplified example
Postgres and psql don't seem to figure much in the problem. The following code has the same issues:
ssh some_user#remote xargs sudo ls < input_file
The problem seems to be: we need to send 2 inputs to sudo, both the password using a tty, and the stdin to pass to ls.
Edit: even simpler
ssh localhost xargs sudo ls < input_file
sudo: no tty present and no askpass program specified
Adding -t does not work:
$ ssh -t localhost xargs sudo ls < input_file
Pseudo-terminal will not be allocated because stdin is not a terminal.
sudo: no tty present and no askpass program specified
Adding another -t does not work either:
$ ssh -t -t localhost xargs sudo ls < input_file
<content of input_file>
<waiting on a prompt>
ssh -T some_user#remote "sudo -u postgres psql -f-" < script.sql
"-f-" will read the script from STDIN. Just redirect the file in there, and there you go.
Don't bother with -t option to ssh, you don't need a full terminal for this.
ssh -T ${user}#${ip} sudo DEBIAN_FRONTEND=noninteractive postgres psql -f- < test.sql
Use DEBIAN_FRONTEND=noninteractive for resolve no tty present or equivalent of your distribution.
I need to do rsync by ssh and want to do it automatically without the need of passing password for ssh manually.
Use "sshpass" non-interactive ssh password provider utility
On Ubuntu
sudo apt-get install sshpass
Command to rsync
/usr/bin/rsync -ratlz --rsh="/usr/bin/sshpass -p password ssh -o StrictHostKeyChecking=no -l username" src_path dest_path
You should use a keyfile without passphrase for scripted ssh logins. This is obviously a security risk, take care that the keyfile itself is adequately secured.
Instructions for setting up passwordless ssh access
You can avoid the password prompt on rsync command by setting the environment variable RSYNC_PASSWORD to the password you want to use or using the --password-file option.
I got it to work like this:
sshpass -p "password" rsync -ae "ssh -p remote_port_ssh" /local_dir remote_user#remote_host:/remote_dir
If you can't use a public/private keys, you can use expect:
#!/usr/bin/expect
spawn rsync SRC DEST
expect "password:"
send "PASS\n"
expect eof
if [catch wait] {
puts "rsync failed"
exit 1
}
exit 0
You will need to replace SRC and DEST with your normal rsync source and destination parameters, and replace PASS with your password. Just make sure this file is stored securely!
The following works for me:
SSHPASS='myPassword'
/usr/bin/rsync -a -r -p -o -g --progress --modify-window=1 --exclude /folderOne -s -u --rsh="/usr/bin/sshpass -p $SSHPASS ssh -o StrictHostKeyChecking=no -l root" source-path myDomain:dest-path >&2
I had to install sshpass
Use a ssh key.
Look at ssh-keygen and ssh-copy-id.
After that you can use an rsync this way :
rsync -a --stats --progress --delete /home/path server:path
Another interesting possibility:
generate RSA, or DSA key pair (as it was described)
put public key to host (as it was already described)
run:
rsync --partial --progress --rsh="ssh -i dsa_private_file" host_name#host:/home/me/d .
Note: -i dsa_private_file which is your RSA/DSA private key
Basically, this approach is very similar to the one described by #Mad Scientist, however you do not have to copy your private key to ~/.ssh. In other words, it is useful for ad-hoc tasks (one time passwordless access)
Automatically entering the password for the rsync command is difficult. My simple solution to avoid the problem is to mount the folder to be backed up. Then use a local rsync command to backup the mounted folder.
mount -t cifs //server/source/ /mnt/source-tmp -o username=Username,password=password
rsync -a /mnt/source-tmp /media/destination/
umount /mnt/source-tmp
The official solution (and others) were incomplete when I first visited, so I came back, years later, to post this alternate approach in case any others wound up here intending to use a public/private key-pair:
Execute this from the target backup machine, which pulls from source to target backup
rsync -av --delete -e 'ssh -p 59333 -i /home/user/.ssh/id_rsa' user#10.9.9.3:/home/user/Server/ /home/keith/Server/
Execute this from the source machine, which sends from source to target backup
rsync -av --delete -e 'ssh -p 59333 -i /home/user/.ssh/id_rsa' /home/user/Server/ user#10.9.9.3:/home/user/Server/
And, if you are not using an alternate port for ssh, then consider the more elegant examples below:
Execute this from the target backup machine, which pulls from source to target backup:
sudo rsync -avi --delete user#10.9.9.3:/var/www/ /media/sdb1/backups/www/
Execute this from the source machine, which sends from source to target backup:
sudo rsync -avi --delete /media/sdb1/backups/www/ user#10.9.9.3:/var/www/
If you are still getting prompted for a password, then you need to check your ssh configuration in /etc/ssh/sshd_config and verify that the users in source and target each have the others' respective public ssh key by sending each over with ssh-copy-id user#10.9.9.3.
(Again, this is for using ssh key-pairs without a password, as an alternate approach, and not for passing the password over via a file.)
Though you've already implemented it by now,
you can also use any expect implementation (you'll find alternatives in Perl, Python: pexpect, paramiko, etc..)
I use a VBScript file for doing this on Windows platform, it servers me very well.
set shell = CreateObject("WScript.Shell")
shell.run"rsync -a Name#192.168.1.100:/Users/Name/Projects/test ."
WScript.Sleep 100
shell.SendKeys"Your_Password"
shell.SendKeys "{ENTER}"
Exposing a password in a command is not safe, especially when using a bash script, if you tried to work with keyfiles thats will be nice.
create keys in your host with ssh-keygen and copy the public key with ssh-copy-id "user#hostname.example.com and then use rsync addin the option -e "ssh -i $HOME/.ssh/(your private key)" to force rsync using ssh connection via the the private key that you create earlier.
example :
rsync -avh --exclude '$LOGS' -e "ssh -i $HOME/.ssh/id_rsa" --ignore-existing $BACKUP_DIR $DESTINATION_HOST:$DESTINATION_DIR;
Here's a secure solution using a gpg encrypted password.
1.Create a .secret file containing your password in the same folder as your rsync script using the command:
echo 'my-very-secure-password' > .secret
Note that the file is hidden by default for extra security.
2.Encrypt your password file using the following gpg command and follow the prompts:
gpg -c .secret
This will create another file named .secret.gpg. Your password is now encrypted.
3.Delete the plain text password file
rm .secret
4.Finally in your rsync script use gpg and sshpass as follows:
gpg -dq secret.gpg | sshpass rsync -avl --mkpath /home/john user_name#x.x.x.x/home
The example is syncing the entire home folder for the user named john to a remote server with IP x.x.x.x
Following the idea posted by Andrew Seaford, this is done using sshfs:
echo "SuperHardToGuessPass:P" | sshfs -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no user#example.com:/mypath/ /mnt/source-tmp/ -o workaround=rename -o password_stdin
rsync -a /mnt/source-tmp/ /media/destination/
umount /mnt/source-tmp