I use ssh-agent on my own. Due to the fact that it is  about 50 times
easier to use key based authentication. They will NOT allow me to do
this! Its absolutely, 100% NOT an option.

Thanks for the input!! I believe we can mark this one as [solved].

On 5/24/05, Troy.A Johnson <troy.johnson at health.state.mn.us> wrote:
> Brock,
> 
> Installing ssh keys on 400 hosts might be a good amount
> of work, but it doesn't really involve "installing" anything
> but a directory and a file under your home directory on those
> boxes. The upside is that no password information goes
> onto the wire when you use keys (unless they are served
> via NFS or some other network file system), and you can
> use ssh-agent to store your credentials instead of rolling
> your own solution.
> 
> Just my 2 cents,
> 
> Troy
> 
> >>> brockn at gmail.com 05/24/05 9:18 AM >>>
> I work for a large corporation and there is about 2200 boxes in my
> environment alone. Since I don't work for the UNIX team I cannot
> install things on the boxes, because I am just a user. This includes
> keys for authentication. The password will NOT be stored in the
> script.
> 
> I am writing some scripts for my own personal use that I want to be
> able to go out to say 400 boxes and then run some command. Since I
> have the same username and password, I plan on writing a script which
> asks for them once and then stores them, in a variable - only
> temporarily, for all of the boxes.
> 
> Expect will work GREAT! Thanks for the help!
> 
> On 5/24/05, Jima <jima at beer.tclug.org> wrote:
> > On Tue, 24 May 2005, Munir Nassar wrote:
> > > not quite exactly what you want, but if you use passphraseless keys
> it
> > > should do what you want. that is, ssh without asking for a password.
> >
> >  Did you read the first paragraph of his email?
> >
> > > I am writing a script which will take a password as an arg and need
> to
> > > use that password when for sshing around. For various reasons I
> cannot
> > > use key based authentication.
> >
> >  Not that I disagree with you; the "password-in-a-script" concept makes
> me
> > uneasy (not that I know of a way to implement it).  I'd sooner put my
> > efforts into remedying whatever prevents key-based auth from being an
> > option.
> >
> >      Jima
> >
> >
> 
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> tclug-list at mn-linux.org
> http://mailman.mn-linux.org/mailman/listinfo/tclug-list
>