Results

See more...

Linux Bash Script For SSH RSA Fingerprint

If you are working on a Linux bash script that involves connection to a server using SSH, you will probably come across situation where server would ask for RSA Key Fingerprint Authentication. The process involves a server presenting its host key to client, and that once it is accepted, it is stored in ~/.ssh/known_hosts for comparison on the next connection attempts.

When you connect to a host that you have not connected to before via ssh, ssh prints a message like below:

Jaxov:~$ ssh jaxov
The authenticity of host 'jaxov (134.2.14.48)' can't be established.
RSA key fingerprint is 2e:3a:5e:29:16:4d:4c:13:90:2c:64:41:bd:25:fd:35.
Are you sure you want to continue connecting (yes/no)?

Usually, you say Yes and enter your password, following message appears:

Warning: Permanently added '10.197.191.4' (RSA) to the list of known hosts. This computer resource is private property. Unauthorized access, misuse, and misappropriation of resources is prohibited by law.
Password:

With this, you accept the encryption key the server sent you as the actual encryption key of the server. Final message which appears after you the enter password:

This computer resource is private property. Unauthorized access, misuse, and misappropriation of resources is prohibited by law.

Below mentioned bash script will respond to SSH RSA authentication, if it appears for a client when it SSH the server:

#!/usr/bin/expect –f
# www.jaxov.com
# This script respond to server RSA key, when a client connects to a server

spawn ssh root@IP-ADDR
expect {
-re ".*Are.*.*yes.*no.*" {
send "yes\r"
exp_continue
#look for the password prompt
}

"password:" {
send -- "$password\r"
#he expect command will now return
}
}

Contact Us for News Tips, Corrections and Feedback

Related posts

1 comment
Leave a message...

  •  
    carlos duarte2 years, 1 month ago

    this uses tcl, which is not bash :-(