Bootstrap FreeKB - Bash (Scripting) - Getting Started with SSH
Bash (Scripting) - Getting Started with SSH
Updated:   |  Bash (Scripting) articles

Before creating a bash shell script that will make an SSH connection to target server(s), the ssh command can be used to determine if you are able to make an SSH connection to the target server(s).

SSH has a couple different authentication method.

  • Password authentication
  • Public/Private key authentication

The SSH server will be configured with password authentcation, passwordless authentication, or both. The ssh command with the -v (verbose) flag can be used to determine the authentication methods of the SSH server.

Passwordless authentication

If the SSH server is configured to accept passwordless authentication, and OpenSSH is being used, refer to public key authentication with OpenSSH on Linux to configure passwordless SSH authentication. In this scenario, the following bash shell script will make an SSH connection to the target server using passwordless authentication and list the contents of the /tmp directory.

#!/bin/bash
ssh -i id_rsa john.doe@server1.example.com "ls /tmp"

 

Password authentication

If the SSH server is configured to accept password authentication, password authentication will occur when passwordless authentication fails. In this scenario, the following bash shell script will make an SSH connection to the target server using password authentication and list the contents of the /tmp directory.

#!/bin/bash
ssh john.doe@server1.example.com "ls /tmp"

 

 

Known hosts

Regardless if you are using a password or passwordless authentication, when using the ssh command to make an SSH connection to a target server, if the public certificate of the targer server (server1.example.com in this example) is not listed in the /etc/ssh/ssh_known_hosts or /home/username/.ssh/known_hosts file on the client, a prompt will appear stating The authenticity of host 'hostname (ip address)' can't be established.

ssh john.doe@server1.example.com
. . .
The authenticity of host 'server1 (192.168.0.5)' can't be established
DSA key fingerprint is BB37 83F2 5E3A 7A4C 6C84  F047 D97B DD4E 38BB 2082
Are you sure you want to continue connecting (yes/no)?

 

Typing yes and pressing enter will display the following. The public certificate of the targer server will be appended to the /etc/ssh/ssh_known_hosts or /home/username/.ssh/known_hosts file on the client. As long as the public certificate remains in the known hosts file on the client, the authenticity of host 'hostname (ip address)' can't be established will not be displayed when making an SSH connection to the target server.

Permanently added 'server1.example.com,10.1.2.3' (RSA) to the list of known hosts.

 

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter 9edf66 in the box below so that we can be sure you are a human.