SSH password as a command-line parameter?

[Daniel Carrera]

Neil Blakey-Milner wrote:
> If you don't already have ssh keys you want to use, you can use
> ssh-keygen to generate a pair.

I already use ssh keys.

> It's worth it to put some additional effort in reading the manual pages
> on ssh, ssh_config, ssh-keygen, and so forth to fully understand the ssh
> environment and the security concerns.

I know how ssh works reasonably well. I just don't know how to put it on 
a script that doesn't prompt the user for a password.

> In particular, if you do have a key that doesn't require a passphrase
> (because it is going to be used for an automated process), it may be
> best to limit that key to only performing a single command.  This can be
> done in the authorized_keys file.

That's an option, though naturally I like having a password. Though I 
guess that technically if someone can grab my private key they can 
probably grab the script with the password as well...

> Passphrases don't have to be irritating, since Ubuntu graphical logins
> run an "agent" (read the ssh-agent manual page) that allows you to
> unlock the keys with their passphhhrases for the current session.

I already know ssh-agent, but I don't think I want to depend on it. If I 
restart my computer for some reason and forget to run it I might go for 
days without backups. I don't find passwords irritating.

Cheers,
Daniel.
-- 
http://opendocumentfellowship.org
   "The reasonable man adapts himself to the world; the
   unreasonable man tries to adapt the world to himself.
   Therefore all progress depends on unreasonable men."
         -- George Bernard Shaw