[X-Unix] ssh sudo password in clear text
Eric F Crist
ecrist at secure-computing.net
Sun Jun 10 16:06:35 PDT 2007
On Jun 10, 2007, at 5:31 PMJun 10, 2007, Eric F Crist wrote:
>
> On Jun 10, 2007, at 4:50 PMJun 10, 2007, Paul Hess wrote:
>>> echo "password" | ssh someserver.com sudo mailstuff/sa-learn.sh
>>
>> Hi Eric,
>>
>> Here's the rub that brings me back to square one (unless I
>> misunderstand the piping).
>>
>> If I use the command above, wouldn't the password be sent to "ssh"
>> rather than sent to the "sudo" command? I think I somehow need to
>> put echo "password" into the command line after ssh to be piped to
>> sudo but I don't understand the syntax to do that. I believe it
>> has to do with single quotes but I can't find a way to get it right.
>
> Paul,
>
> The echo "password" portion of the command gets piped into the
> entirety of ssh someserver.com sudo mailstuff/sa-learn.sh. In this
> case, the sudo ... is what reads that input from stdin.
>
> To help you understand:
>
> foo | bar
>
Paul,
Something I left out is that in the above example, bar is your ssh
command, inclusive of the sudo... stuff. ssh does you a favor by
executing that command for you and exiting. So, you have the right
idea that the echo command is being pipe into ssh and not sudo. In
this particular case, however, sudo is the command that ends up with
the piped data (ssh passes it on).
HTH
-----
Eric F Crist
Secure Computing Networks
More information about the X-Unix
mailing list