On Tue, Oct 08, 2002 at 03:25:54PM -0300, Andre Guimaraes wrote: > I dont like RSA without passwords caus if your machine gets compromised, the > attacker would have root access to another machines in your network. > When I needed automated scripting using ssh and scp I used this programming > language called EXPECT, perl includes a module that implements the expect > language. It goes something like this: > > exec ssh myhost "commands" (could be scp myfile myhost:path) > expect yes/no > send yes\r > expect assword > send my_password
How is that different from using RSA w/o passphrase? In the above passphrase/password is stored in some file on disk... Have a look at part of sshd manual that describes authorized_keys file. IMHO this seems to be the best solution. -- Robert Ramiega <[EMAIL PROTECTED]> RR282-RIPE Security Team Leader | Systems Administrator TDC Internet Polska SA | PDi Ltd
