4

Having read this question and my answer there, I would like to do a similar thing on Windows.

My Linux solution is this:

#!/bin/bash
[[ $1 =~ password: ]] && cat || SSH_ASKPASS="$0" DISPLAY=nothing:0 exec setsid "$@"

How can I do a similar thing on Windows, something I can use like this from a Windows Command Prompt or batch file:

C:> echo password | pass ssh user@host ...

Points to note:

  • ssh here was installed using the free edition of crwsync. It uses Cygwin DLLs but does not require a Cygwin install.
  • the solution should not require further dependencies: it work from a typical Windows Command Prompt or batch file.

I'm looking for an answer to the above, even if the answer is "it can't be done". I know I can use keys (and their relative merits), or other tools such as Python/Paramiko, PuTTY plink, and so-on. I know I can do it in a Cygwin environment. I don't want to do those things... I need to do it from a plain old Windows command prompt or batch file without incurring additional dependencies because, if this is possible, it will reduce existing dependencies.

Here is what I have so far:

@echo off
echo.%1 | findstr /C:"password">nul
if errorlevel 1 (
  set SSH_ASKPASS="%0"
  set DISPLAY="nothing:0"
  %*
) else (
  findstr "^"
)

The idea is to save that as, say pass.bat and use it like this:

C:> echo password | pass.bat ssh user@host ...

What happens is that the SSH session is launched but ssh still interactively prompts for the password. I think that, in theory, the script is ok becuse the below works:

C:> echo mypassword | pass.bat pass.bat "password"
mypassword

As far as I understand, the underlying Cygwin DLLs should see the Windows environment so the setting of SSH_ASKPASS should propagate into ssh.

I think the problem is that ssh is connected to the terminal. According to man ssh, If ssh needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. This is why I use setsid in the Linux example. I think a way to detach the process from the terminal in Windows is required but I am not sure there is one (I did try start /B).

So I'm stuck - I don't know enough about scripting windows to know what should work. Any solution that uses native windows techniques (i.e. batch or perhaps powershell) and does not require anything not available on a vanilla Windows would be welcome.

The solution will be used by a cross platform application that I am working on that needs to use SSH to interact with an external service. The current prototype version is Python and is aready wired up to launch ssh as a subprocess. The Linux version already uses the above method so I would like a Windows solution that does not require reworking of the application.

Community
  • 1
  • 1
starfry
  • 7,737
  • 5
  • 57
  • 81

1 Answers1

0

SSH will never read password from stdin. I would give a shot sshpass utility, which is quite standard for this task. The other common solution is using expect script (which should work the same way on the Cygwin as on Linux).

Jakuje
  • 20,643
  • 11
  • 53
  • 62
  • I did say that I knew of those things and that I specifically was looking for a **native windows solution**, if there is one. – starfry Mar 23 '17 at 09:35