On 02:49 15 Feb 2005, Stefan Held <obi@xxxxxxxxxxxxx> wrote: | Am Sonntag, den 06.02.2005, 21:42 -0600 schrieb Marc Williams: | > On Sun, 06 Feb 2005 23:56:52 +0000, James Wilkinson wrote: | > | > > Marc Williams wrote: | > >> I've just started exploring the Expect language and have quickly hit a | > >> little bit of a speed bump. But I'm not sure it's Expect that's the | > >> problem. | > >> | > >> In an FC3 gnome-terminal, I try to run the following script: | > >> ---------------------- | > >> #!/usr/bin/expect -- | > >> spawn ssh 192.168.0.9 | > >> expect "word: " | > >> send "password\r" | > >> expect "]$ " | > >> interact | > > | | The Question is, why do you _NOT_ use ssh keys for authentication. | It's even more secure and there is no plaintext shell script with a | password hanging around in your filesystem. I can think of two reasons. Firstly he's learning expect, so who cares what he's using underneath? Also he _needs_ something that expect has to interact with if he's going to play with it. Secondly, and perhaps more relevant, is if he's intending this stuff to run in batch mode (cron, whatever) then he'll need a passphraseless key for that, and that's as bad as a password. Well not quite, in that the far end never sees the private half of the key while a password _is_ sent to the far end, but it does mean the key is in the clear at the near/calling end. So yes, keys are slightly better that passwords, but not enormously better if it's a batch mode requirement. -- Cameron Simpson <cs@xxxxxxxxxx> DoD#743 http://www.cskk.ezoshosting.com/cs/ There is a fine line between idiocy and genius. We aim to erase that line.
