On Tue, 15 Feb 2005 15:20:51 +1100, Cameron Simpson <cs@xxxxxxxxxx> wrote: > I can think of two reasons. > > Firstly he's learning expect, so who cares what he's using > underneath? Also he _needs_ something that expect has to interact with > if he's going to play with it. > > Secondly, and perhaps more relevant, is if he's intending this stuff to > run in batch mode (cron, whatever) then he'll need a passphraseless key > for that, and that's as bad as a password. > > Well not quite, in that the far end never sees the private half of the > key while a password _is_ sent to the far end, but it does mean the key > is in the clear at the near/calling end. > > So yes, keys are slightly better that passwords, but not enormously > better if it's a batch mode requirement. Also once he gets this working he can always crypt the password. Here is something to read on the subject: http://wiki.tcl.tk/3594 Secure expect. Arguing methods can take forever. And I have seen decent encrypted pass expect scripts and used ssh keys as well.
