I need to automate ssh-keygen -t rsa with out a password i.e. enter at the prompt.
How can I do that from a shell script?
To generate a SSH keypair without being prompted for a passphrase you can do the following:
$ ssh-keygen -f id_rsa -t rsa -N ''
If you need to do this from PowerShell in windows use:
ssh-keygen -f $Name -t rsa -N '""'
note you also have to ensure the git bin directory is in your path:
$sshPath = "<path>\git\bin\"
$env:path += ";$sshPath"
Then to use it in PoshGit it's just:
Add-SshKey "<path>\.shh\KeyFilename"
$ ssh-keygen -f $HOME/.ssh/id_rsa -t rsa -N ''
Just a correction to answer 2...
I found out on my OL and RHEL system the file name should be id_rsa not id.rsa.
So on a OL or RHEL system the command would be:
$ ssh-keygen -f id_rsa -t rsa -N ''
What about :
ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ''
As noted in man ssh-keygen :
SYNOPSIS
ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] [-N new_passphrase] [-C comment] [-f output_keyfile]
(...)
-q Silence ssh-keygen.
(that is with openssh-client package in Debian 9.4 stretch : OpenSSH_6.7p1 Debian-5+deb8u4)
I needed to automate in a bash script the ssh-keygen command and the final answer which works well to me:
echo -e "\n" | ssh-keygen -N "" &> /dev/null
The echo command with the -e interprets "\n" as an Enter key, but do not work with the passphrase. Then using the option -N "" (empty passphrase) the password will be empty and will not ask for anything.
&> /dev/null will send the 'stdout' and 'stderr' to /dev/null so nothing is printed through the display.
$ printf '\n' | ssh-keygen -N ''
Please Enjoy this script...
Powershell script (e.g. for github)
paste this into your myscript.ps1 file...
param(
[Parameter(Mandatory)]
[string]$keyName=$(throw "keyName - Param must be supplied"),
[Parameter(Mandatory)]
[string]$email=$(throw "email - Param must be supplied"),
$u="git",
$d="github.com",
$c="rsa"
)
$repo="repoName"
$account=":accountName"
$currentDir = Get-Location
Write-Host $HOME/.ssh/$keyName`_$c
mkdir $HOME/.ssh
Set-Location $HOME/.ssh
ssh-keygen -f ./$keyName`_$c -t $c -C $email -N '""'
Add-Content -Path ./config -Value "
Host $keyName
User $u
Hostname $d
PreferredAuthentications publickey
IdentitiesOnly yes
IdentityFile $HOME/.ssh/$keyName`_$c"
Write-Host "`n
Put this key into $d :"
cat $HOME/.ssh/$keyName`_$c.pub
Write-Host "`n
Use this to Clone the $repo repo :
git clone $u#$keyName$account/$repo.git"
cat config
Set-Location $currentDir
above is untested but it is close to what I have working
Command to execute
> myscript.ps1 -keyName yourname -email yourname#yourdomain.com
Related
On Ubuntu I generated a key using ssh-keygen -t rsa -b 4096 command.
While trying to convert the generated key to OpenSSH format with
ssh-keygen -i -f id_rsa.pub > id_rsa_openssh.pub, I get error uudecode failed.
Any idea how to resolve this error.
Probably too late but using
ssh-keygen -e -f id_rsa.pub > id_rsa_openssh.pub
worked for me.
Hello everyone i need your help plz, i'm using gitlab ci/cd and trying to deploy my .jar application to an ubuntu server, i configured my gitlab project with a windows runner with shell executor. i configured a key based access on the runner to avoid being prompt for a password;
the following command runs successfully when i login to the runner machine and use it's powershell :
scp -i C:\Users\Administrators\ssh\id_rsa myapp-0.0.1-SNAPSHOT.jar username#myubuntuserver:/
but when i'm using the above commande in my .yml file to copy the .jar on the server, it doesn't give any response until the job fail due to timeout
i tried also the solution proposed here https://docs.gitlab.com/ee/ci/ssh_keys/ by setting an SSH_PRIVATE_KEY variable on my project but i'm unable to adapt the given 'before_script' to my windows runner.
this is the before_script proposed in the documentation (above link):
before_script:
- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
- eval $(ssh-agent -s)
- echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add -
- mkdir -p ~/.ssh
- chmod 700 ~/.ssh
when the previous scp command is replaced by this:
ssh -iv C:\Users\Administrators\ssh\id_rsa username#myubuntuserver
i get the following output:
the image
Thanks in advance
It works after doing the following steps:
1) configuring the runner (shell executor) on ubuntu 18.04
2) Then from the terminal login as the gitlab-runner user: sudo su - gitlab-runner
3) run ssh-keygen -t rsa
4) run ssh -i ~/.ssh/id_rsa username#myubuntuserver:
5) run cat ~/.ssh/id_rsa.pub | ssh username#myubuntuserver "mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys && chmod -R go= ~/.ssh && cat >> ~/.ssh/authorized_keys"
5) now you can add the following to your job script (yml file) and it should work:
- scp -i ~/.ssh/id_rsa fileToCopy username#myubuntuserver:/mydirectory
#you can execute multiple commands at a time, for ex:
- ssh username#myubuntuserver " mv /mydirectory/myapp-0.0.1-SNAPSHOT.jar /mydirectory/myapp.jar "
Hope it will help
If ssh -iv C:\Users\Administrators\ssh\id_rsa username#myubuntuserver does not work, that may be because of the C: part, which confuses ssh into thinkig C is the name of the server!
A Unix-like path would work:
ssh -iv /C/Users/Administrators/ssh/id_rsa username#myubuntuserver
But, as the OP Medmahmoud comments, this supposes the public key has been published on the server:
Configure the runner on ubuntu18.04.
Then from the terminal login as the gitlab-runner user:
sudo su - gitlab-runner - run ssh-keygen -t rsa
ssh -i ~/.ssh/id_rsa username#myubuntuserver
cat ~/.ssh/id_rsa.pub | ssh username#myubuntuserver \
"mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys && chmod -R go= ~/.ssh && cat >> ~/.ssh/authorized_keys"
Now from your yml file the following should work:
- scp -i ~/.ssh/id_rsa pom.xml username#myubuntuserver:/mydirectory
Using scp and interactively entering the password the file copy progress is sent to the console but there is no console output when using sshpass in a script to scp files.
$ sshpass -p [password] scp [file] root#[ip]:/[dir]
It seems sshpass is suppressing or hiding the console output of scp. Is there a way to enable the sshpass scp output to console?
After
sudo apt-get install expect
the file send-files.exp works as desired:
#!/usr/bin/expect -f
spawn scp -r $FILES $DEST
match_max 100000
expect "*?assword:*"
send -- "12345\r"
expect eof
Not exactly what was desired, but better than silence:
SSHPASS="12345" sshpass -e scp -v -r $FILES $DEST 2>&1 | grep -v debug1
Note that -e is considered a bit safer than -p.
Output:
Executing: program /usr/bin/ssh host servername, user username, command scp -v -t /src/path/dst_file.txt
OpenSSH_6.6.1, OpenSSL 1.0.1i-fips 6 Aug 2014
Authenticated to servername ([10.11.12.13]:22).
Sending file modes: C0600 590493 src_file.txt
Sink: C0600 590493 src_file.txt
Transferred: sent 594696, received 2600 bytes, in 0.1 seconds
Bytes per second: sent 8920671.8, received 39001.0
In this way:
output=$(sshpass -p $PASSWD scp -v $filename root#192.168.8.1:/root 2>&1)
echo "Output = $output"
you redirect the console output in variable output.
Or, if you only want to see the console output of scp command, you should add only -v command in your ssh pass cmd:
sshpass -p $PASSWD scp -v $filename root#192.168.8.1:/root
I try to create SSH for using BitBucket with TortoisGit
I have typing the command for create the SSH (gitash) and get "Too many arguments" error.
the following is the output.
Thanks :)
Yoav#Yoav-PC MINGW32 ~ $ ssh-keygen –t rsa –C "myEmail#gmail.com"
Too many arguments. usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
[-N new_passphrase] [-C comment] [-f output_keyfile]
ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
ssh-keygen -i [-m key_format] [-f input_keyfile]
ssh-keygen -e [-m key_format] [-f input_keyfile]
ssh-keygen -y [-f input_keyfile]
ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]
ssh-keygen -B [-f input_keyfile]
ssh-keygen -D pkcs11
ssh-keygen -F hostname [-f known_hosts_file] [-l]
ssh-keygen -H [-f known_hosts_file]
ssh-keygen -R hostname [-f known_hosts_file]
ssh-keygen -r hostname [-f input_keyfile] [-g]
ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]
[-j start_line] [-K checkpt] [-W generator]
ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]
[-O option] [-V validity_interval] [-z serial_number] file ...
ssh-keygen -L [-f input_keyfile]
ssh-keygen -A
ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]
file ...
ssh-keygen -Q -f krl_file file ...
Wrong dash symbol "–" in arguments; options are started with "-" (minus sign, ASCII code 0x2D). Here follows the same command with correct characters:
$ ssh-keygen -t rsa -C "myEmail#gmail.com"
Generating public/private rsa key pair.
...
The following is my code in create_tmux.zsh
#!/bin/zsh
SESSIONNAME=$1
echo $SESSIONNAME
tmux has-session -t $SESSIONNAME &> /dev/null
if [ $? != 0 ]
then
tmux new-session -d -s $SESSIONNAME -n emacs
tmux new-window -t $SESSIONNAME:1 -n a
tmux send-keys -t $SESSIONNAME:1 'ssh -Y a#bc.com;$2' C-m
fi
tmux attach -t $SESSIONNAME
It's simple if I run
create_tmux.zsh ab $%^^&av1#
But in this way, it not only shows in the terminal of my password but also recorded in history.
How can I solve this?
Thank you