I am having a big difficulty with two way pipes from a system executed command

igoryonya has asked for the wisdom of the Perl Monks concerning the following question:

Specifically, I am trying to push the password to ssh-copy-id program, as it doesn't have a parameter, that I can use to feed the password noninteractively.
I've tried:

#These two just exit after this command
$result = `ssh-copy-id -i $path_publick_key $user\@$server 2>/dev/null
+ < "$password"`;
$result = `ssh-copy-id -i $path_publick_key $user\@$server 2>/dev/null
+ < "$password\n"`;

#This gives a password prompt, without me printing the $result, which 
+makes me think, that ssh is using some named output device, instead o
+f stdout.
#$result is empty:
$result = `echo "$password"|ssh-copy-id -i $path_publick_key $user\@$s
+erver 2>/dev/null`;
[download]

use IPC::Cmd qw{run};

$ssh_cp_id = '';
$ssh_cp_id_result = run(
    'command'=>"ssh-copy-id -i $path_pk $user\@$server 2>/dev/null",
    'buffer'=>\$ssh_cp_id
);
if($ssh_cp_id_result){
    #print has no effect, as the password prompt got already displayed
+ without being captured to the $ssh_cp_id:
    print $ssh_cp_id;
}
[download]

I can't figure out how to do it. I need to use only standard modules or no modules at all, as our organization policy requires. I was already thinking about 'expect' cli program, it's not installed by standard on the system and the 'Expect' perl module, also nonstandard, so can't use them.

Comment on I am having a big difficulty with two way pipes from a system executed command Select or Download Code

Replies are listed 'Best First'.
Re: I am having a big difficulty with two way pipes from a system executed command (ssh) by shmem (Chancellor) on Nov 01, 2015 at 08:47 UTC
The ssh command doesn't read the password from STDIN, but from `/dev/tty`, and I suspect that all other password-prompting commands from the ssh suite do the same. Use the sshpass command to provide passwords for ssh-* in a non-interactive way. update: many password related programs work that way, e.g. the UNIX passwd utility. I have seen staggeringly stupid and highly dangerous attempts to work around this, e.g. a shell script to set passwords which moves away `/dev/tty`, writes a new plain file `/dev/tty` with two lines containing the password, invokes `passwd` and restores the original `/dev/tty`. It is big fun if any program opens `/dev/tty` during that sequence (e.g. `less`). So don't do that! From the manual page of `sshpass`: SECURITY CONSIDERATIONS First and foremost, users of sshpass should realize that ssh's insistance on only getting the password interactively is not without reason. It is close to impossible to securely store the password, and users of sshpass should consider whether ssh's public key authentication provides the same end-user experience, while involving less hassle and being more secure. Maybe that is an option for you? perl -le'print map{pack c,($-++?1:13)+ord}split//,ESEL'	[reply] [d/l] [select]
Re^2: I am having a big difficulty with two way pipes from a system executed command (ssh) by igoryonya (Pilgrim) on Nov 07, 2015 at 07:21 UTC
Well, the automatic public key installation is what I want to achieve on the LAN, so I've tried to call ssh-copy-id to the remote pc, which asks for the password and doesn't have an option to pass password by cli. I am considering to reimplement the needed ssh-copy-id's functionality in perl, by using Net::SSH2 module, but before that, I wonder, if there is a way to, instead of using /dev/tty trick, emulate the keyboard to send the keys to the program. Make a perl program to act as if the keyboard would send the keys to the program, like you can do in the GUI programming, to send keyboard keystrokes.	[reply]

SECURITY CONSIDERATIONS