SSH login expect shell script to supply username and password

by on April 10, 2008 · 86 comments

Expect is a Unix and Linux automation and testing tool. It works with interactive applications such as telnet, ftp, passwd, fsck, rlogin, tip, ssh, and many others. It uses Unix pseudo terminals to wrap up subprocesses transparently, allowing the automation of arbitrary applications that are accessed over a terminal. A simple expect script to supply OpenSSH root/admin password for remote ssh server and execute the Unix / Linux / BSD commands. First, you need to install expect tool by following these instructions.

  1. #!/usr/bin/expect -f
  2. # Expect script to supply root/admin password for remote ssh server
  3. # and execute command.
  4. # This script needs three argument to(s) connect to remote server:
  5. # password = Password of remote UNIX server, for root user.
  6. # ipaddr = IP Addreess of remote UNIX server, no hostname
  7. # scriptname = Path to remote script which will execute on remote server
  8. # For example:
  9. # ./sshlogin.exp password 192.168.1.11 who
  10. # ------------------------------------------------------------------------
  11. # Copyright (c) 2004 nixCraft project <http://cyberciti.biz/fb/>
  12. # This script is licensed under GNU GPL version 2.0 or above
  13. # -------------------------------------------------------------------------
  14. # This script is part of nixCraft shell script collection (NSSC)
  15. # Visit http://bash.cyberciti.biz/ for more information.
  16. # ----------------------------------------------------------------------
  17. # set Variables
  18. set password [lrange $argv 0 0]
  19. set ipaddr [lrange $argv 1 1]
  20. set scriptname [lrange $argv 2 2]
  21. set arg1 [lrange $argv 3 3]
  22. set timeout -1
  23. # now connect to remote UNIX box (ipaddr) with given script to execute
  24. spawn ssh root@$ipaddr $scriptname $arg1
  25. match_max 100000
  26. # Look for passwod prompt
  27. expect "*?assword:*"
  28. # Send password aka $password
  29. send -- "$password\r"
  30. # send blank line (\r) to make sure we get back to gui
  31. send -- "\r"
  32. expect eof

Other options

  • Use sshpass command provide the password and username for ssh based login using the mode referred to as "keyboard-interactive" password authentication, but in non-interactive mode.
  • OpenSSH offers RSA and DSA authentication to remote systems without supplying a password. keychain is a special bash script designed to make key-based authentication incredibly convenient and flexible.


4000+ howtos and counting! If you enjoyed this article, join 45000+ others and get free email updates!

Click here to subscribe via email.

  • Michelle Kelly

    I am new to autoexpect and I am having issues with the script that I have created. The process does not complete fully and I am not sure how to fix this. It will not move the database files into the appropriate location.

    Script:
    spawn /bin/bash
    [root@hp36ed01 bin]# ./installdb_unc
    logname: no login name
    ======================================================================

    — Universal Addressing Module Installation –

    The environment for Database Installation is currently set to:

    Distribution type: cd
    Mounted CD directory: /holding/UNC/db

    Press enter to continue.

    CDQ Platform – Universal Addressing Module Installation Menu

    1. US Subscription
    2. Canadian Subscription
    3. International Subscription

    99. Exit

    Enter the number of the product that you want to load
    the subscription database for and then press enter: 1

    US Postal Database Menu
    ======================================
    Database Installation

    1. Subscription Database
    2. Delivery Point Validation
    3. Residential Delivery Indicator
    4. Early Warning System
    5. LACSLink Database
    6. SuiteLink Database

    99. Exit

    Enter the number of the type of data you want to load
    and then press enter: 1

    The database load environment is currently set to:

    Database input file location: /holding/UNC/db
    Database output location: /opt/UNC

    Enter c to (c)ontinue
    or m to (m)odify database input/output locations
    or q to (q)uit

    ===> m

    Which do you want to change?

    Enter 1 to change the input file location
    or 2 to change the database output location
    or 3 to change both

    ===> 2

    Please enter full path where you would like to install
    the CODE-1 Plus database ==> /usr/UNC/db/test12012

    The new CODE-1 Plus database location will be: /usr/UNC/db/test12012
    Is this correct?

    Enter (y)es to continue.
    (n)o to try again.

    ===> y
    /opt/UNC/server/bin/setup is updated.
    /opt/UNC/server/bin/setup is updated.

    Do you wish to load the optional ELOT file?
    Enter (y)es
    (n)o

    ===> n
    *************************************
    CODE-1 PLUS DATABASE INSTALLATION

    Installed on Tue Sep 25 12:23:01 CDT 2012

    Creating CODE-1 Plus Database
    Which do you want to change?\r
    \r
    Enter 1 to change the input file location\r
    or 2 to change the database output location\r
    or 3 to change both\r
    \r
    ===> ”
    send — “2\r”
    expect -exact “2\r
    [H[2J\r
    Please enter full path where you would like to install\r
    the CODE-1 Plus database ==> "
    send -- "/usr/UNC/db/test12012\r"
    expect -exact "/usr/UNC/db/test12012\r
    \r
    The new CODE-1 Plus database location will be: /usr/UNC/db/test12012\r
    Is this correct?\r
    \r
    Enter (y)es to continue.\r
    (n)o to try again.\r
    \r
    ===> "
    send -- "y\r"
    expect -exact "y\r
    /opt/UNC/server/bin/setup is updated.\r
    /opt/UNC/server/bin/setup is updated.\r
    [H[2J\r
    Do you wish to load the optional ELOT file?\r
    Enter (y)es\r
    (n)o\r
    \r
    ===> "
    send -- "n\r"
    expect -exact "n\r
    [H[2J*************************************\r
    CODE-1 PLUS DATABASE INSTALLATION\r
    \r
    Installed on Tue Sep 25 12:21:28 CDT 2012\r
    \r
    Creating CODE-1 Plus Database\r
    \r
    [?47h[r[m[2J[H[?7h[?1;3;4;6l[?1h[m[H[2J[24;1H[H[2JPlease press Enter to continue.....\r
    "
    send -- "\r"
    expect -exact "\r
    \r
    \r
    Database loading. Please wait....\r
    \r
    [1;1H \r
    \r
    \r
    [24;1H\r
    [2J[?47l*************************************\r
    DATABASE FILES LOADED SUCCESSFULLY\r
    END CODE-1 PLUS DATABASE INSTALLATION\r
    *************************************\r
    Tue Sep 25 12:22:19 CDT 2012\r
    ]0;root@hp36ed01:/opt/UNC/server/bin\[root@hp36ed01 bin\]# ”
    send — “”
    expect eof

    I should see several files in the /usr/UNC/db/test12012 location. After the script runs I dont see the files. Any help will be appreciated. Thanks in advance!

  • Raghava

    Hi,
    I installed sshdpass tool in RHEL and trying to connect another RHEL machine where sshd is running. I am able to connect when I run $ sshpass -p” ssh root@IP but not connecting to that IP when I tried by placing the same line in a connect_to_remote.sh file and called it through sudo command. It thrown error.. connect_to_remote.sh: line 4: sshpass: command not found

    Please guide me the solution if any one know.
    Thanks,
    Raghav

  • Abhinav Chittora

    Hi Raghava,

    You should try full path to sshpass i.e. /usr/bin/sshpass. Since it may be the reason that the shell, which is running your script is not looking for the directory in which sshpass is located. Using absolute path is always prefered way to use any such command.

    Thanks,
    Abhinav Chittora

  • Kaka

    Hi Sidh,

    Using ur script, getting error [expect: command not found] in last expect (expect eof)… Please help.

  • sporo

    Hi Guys, can someone help with this:

    set user “touch”;

    set password “1touch@1″;

    set gateway “10.34.5.6″;

    spawn /usr/bin/ssh -L 22:localhost:22 $user@$gateway

    But this doesn’t work and i seem to be getting no result but this:

    usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]

    [-D [bind_address:]port] [-e escape_char] [-F configfile]

    [-i identity_file] [-L [bind_address:]port:host:hostport]

    [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]

    [-R [bind_address:]port:host:hostport] [-S ctl_path]

    [-w tunnel:tunnel] [user@]hostname [command]

  • Ben Watson

    Absolutely spot on! Is there anyway to use an encrypted or shadow password file though, rather than just having it in plain text in the script?

    Works like a dream though – thank you.

Previous Script:

Next Script: