> Passwords in ssh and sftp are sent encrypted, so the password cannot be > sniffed by moitoring your transmissions. You cannot say the same for > ftp, telnet or http. > > As someone pointed out, you can often arrange that two given accounts > can use sftp without passwords; I do this quite a bit. > > Another approach that I use is to use the expect(1) package. You install > it on one machine, and use it to automate just about any command-line > activity, including sending passwords. The expect script that you wind > up with may have the password in the clear, but you keep it protected in > your own account. If it's using sftp, for instance, then the password is > protected by the sftp protocols. > > Expect is marvellously useful for automating all sorts of things that were > not written with automation in mind.
Nice, that is sure to come in handy. - Grant > ++ kevin -- [email protected] mailing list
