passing in a passphrase from a file to ssh-add

From: Uejio, Wayne (Corporate) (Wayne.Uejio_at_corporate.ge.com)
Date: 03/23/04

  • Next message: Darren Tucker: "Re: Explicitly change the DISPLAY variable in ssh"
    Date: Tue, 23 Mar 2004 12:01:23 -0500
    To: <secureshell@securityfocus.com>
    
    

    We have a need to run batch jobs which use SFTP using public keys and passphrases. We have architected this in a way so that passphrases are not included in code, and are not visible to developers or users, but only to a very small group of administrators. We do this by starting an ssh agent, and the running ssh-add. I am told that the OpenSSH version of ssh-add does not take input from stdin, and hence requires user input to add passphrases to the agent. This is obviously not a workable solution in a "lights-out" mode. If we implemeted OpenSSH, how would this issue be resolved? could we use ssh_askpass?

    Wayne Uejio The opinions expressed in this message
    Senior Technologist are the personal views of the author and
    General Electric do not indicate any views, opinions,
    Suite 220 positions of the General Electric
    200 Great Oaks
    Albany, NY 12203-5965
    Tel: 518-862-2523 dialcom: 232-2523
    Fax: 518-862-2588
    e-mail: wayne.uejio@corporate.ge.com


  • Next message: Darren Tucker: "Re: Explicitly change the DISPLAY variable in ssh"