SSH Pasting Passwords

Can you use ssh keys instead? This would allow using your own pass phrase associated with the key you create.

ssh-keygen -t rsa

Now copy the *$HOME/.ssh/id_rsa.pub* file to each site and append the *id_rsa.pub* file to the remote account's *.ssh/authorized_keys* file (repeat the copy and append 29 more times).

Now you should be able to connect based on your ssh key and no longer need to enter the long convoluted password. Instead you just need to enter your own selected ssh key pass phrase.

And you can use *ssh-add* after starting your Mac to add your pass phrase to the ssh-agent already running in the background. Once you do this, ssh will ask the ssh-agent before prompting you for a pass phrase it already knows.

This should totally streamline your ssh and scp access to the 30 remote sites.

You might be able to do something with the expect command, but the ideal solution would be to authenticate via public/private key pairs. Check out man ssh-keygen.

You could take a look at man sshd_config, but I don't think you can add passwords to those files.

Graeme Armitage1 wrote:
my ISP does not support SSH keys

My first advice is to find a decent ISP.

We don't have support for SSH keys for our users at the moment. As an alternative, a good SSH client like AbsoluteTelnet (www.celestialsoftware.net) can store passwords within its connection files. Store these connection files on an encrypted drive by using something like TrueCrypt (www.truecrypt.org) and you get a very secure system while being very easy to use as you have one username and password to enter in to access them.

This is windows based software so no use to me, But can terminal store passwords within its connection files?

You do not want to store passwords. That defeats most of the purpose of ssh. Look into ssh-agent. I've used it under Windows, but not on UNIX.

Look into ssh-agent. I've used it under Windows, but not on UNIX.

According to the man page, ssh-agent stores ssh keys and pass phrases. Not remote login passwords.

Now Unix man pages are not always the most "Robust", so even though ssh-agent says it only stores ssh keys and pass phrases, I guess it could be used to save remote passwords.

With you log into a Leopard system, you automatically get an ssh-agent and each Terminal session gets an SSH AUTHSOCK that points to the ssh-agent. However, I have never had it remember a remote password, only ssh key pass phrases.

I guess the poor original poster is left to contemplate my other piece of advice - finding a competent ISP.

I suppose it might be possible to write a short Perl script to initiate the ssh connection and feed it a plain-text password. That sounds like the ideal solution - convoluted and insecure. Don't ask me how to write such a script. While I am devilish enough to suggest it (more out of sarcasm than anything else), I'm not evil enough to show you how to do it. Get a new ISP.

If you feel like running with scissors, try something like:
<pre style="border: 1px solid #ddd; padding-left: .75ex; padding-top: .25em; padding-bottom: .25em; margin-top: .5em; margin-bottom: .5em; margin-left: 1ex; max-width: 80ex; overflow: auto; font-size: 10px; font-family: Monaco, 'Courier New', Courier, monospace; color: #444; background: #eee; line-height: normal">expect -c 'spawn ssh user@remote.host ; expect Password ; send "not-so-secret\n" ; interact'</pre>

Change "Password" to whatever the password prompt is.

You'll find more tips here.

Is there any way to get terminal to accept pasted passwords?

I tried pasting a password (by cmd-V) to the password prompt from ssh ('user@host's password:') in Terminal.app, and it worked. Do you mean you have tried cmd-V but it didn't work?
Or am I missing the whole point?

I believe you don't need any "skill" 😉
Maybe there are something I have not yet understood....

Do you mean a simple password like 'abc123xyz' can't be pasted? Or only "long convoluted passwords" can't bee pasted?
Did you try simple thing like 'ssh localhost' and pasting your password?