sshpass: Login To SSH Server / Provide SSH Password Using A Shell Script

How do I login over ssh without using password less RSA / DSA public keys? How do I use ssh in a shell script? How do I login non-interactivly performing password authentication with SSH and shell scripts?

You can use the sshpass command to provide the password for ssh based login. It is a non-interactive ssh password auth tool. From the man page:

sshpass is a utility designed for running ssh using the mode referred to as “keyboard-interactive” password authentication, but in non-interactive mode.

ssh uses direct TTY access to make sure that the password is indeed issued by an interactive keyboard user. Sshpass runs ssh in a dedicated tty, fooling it into thinking it is getting the password from an interactive user.

The command to run is specified after sshpass’ own options. Typically it will be “ssh” with arguments, but it can just as well be any other command. The password prompt used by ssh is, however, currently hardcoded into sshpass.

WARNING! These examples considered the least secure as simple ps command can expose password to all users on the same host. I highly recommend using ssh’s public key authentication or keychain software to set up secure passwordless SSH access.

Install sshpass under Debian / Ubuntu Linux

Type the following command:
$ sudo apt-get install sshpass
Sample outputs:

Fig.01: Installing sshpass on Debian/Ubuntu Linux

Install sshpass under RHEL/CentOS Linux

First, enable EPEL repo and type the following yum command:
$ sudo yum install sshpass
If you are using Fedora Linux, type:
$ sudo dnf install sshpass

Install sshpass under Arch Linux

$ sudo pacman -S sshpass

Install sshpass under OpenSUSE Linux

$ sudo zypper install sshpass

Install sshpass under FreeBSD Unix

To install the port, enter:
# cd /usr/ports/security/sshpass/ && make install clean
To add the package, run:
# pkg install sshpass

How do I use sshpass in Linux or Unix?

Login to ssh server called with password called t@uyM59bQ:
$ sshpass -p 't@uyM59bQ' ssh
For shell script you may need to disable host key checking:
$ sshpass -p 't@uyM59bQ' ssh -o StrictHostKeyChecking=no

Security unwise warning: The -p option should be considered the least secure of all of sshpass’s options. I recommend that you use ssh’s public key authentication.

A bash shell script example with SSHPASS

The syntax is:

SSHPASS='t@uyM59bQ' sshpass -e ssh
SSHPASS='t@uyM59bQ' sshpass -e ssh date
SSHPASS='t@uyM59bQ' sshpass -e ssh w
SSHPASS='t@uyM59bQ' sshpass -e ssh -o StrictHostKeyChecking=no

The password is passed as environment variable called SSHPASS.

Reading password from file

Another option is to read password from file using the -f option. The syntax is:
sshpass -f fileNameHere ssh user@server
Create a file as follows:

$ echo 'myPassword' > myfile
$ chmod 0400 myfile
$ sshpass -f myfile ssh

How do I backup /var/www/html using rsync?

Run rsync over SSH using password authentication, passing the password on the command line:
$ rsync --rsh="sshpass -p myPassword ssh -l username" /backup/
$ SSHPASS='yourPasswordHere' rsync --rsh="sshpass -e ssh -l username" /backup/

How do I use sshpass with gpg encrypted file?

First, create a file as follows:
$ echo 'mySshPasswordHere' > .sshpassword
Now, encrypt a file using gpg command:
$ gpg -c .sshpassword
$ rm .sshpassword

Finally, use it as follows:
$ gpg -d -q .sshpassword.gpg > fifo; sshpass -f fifo ssh

If you just type sshpass, you will see help screen as follows:

Fig.02: sshpass command in action

Further readings:

🐧 If you liked this page, please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
37 comments… add one
  • Den Jul 12, 2012 @ 4:10

    Thanks for this! I doesn’t work here. I get the message “debug1: Next authentication method: password” and after the process waits forever. Any suggestions?

  • Raj Jul 5, 2013 @ 22:23

    Hi All

    I am in progress of building a syslog and configuration management server. I would like to schedule an automatic backup of Cisco running configurations and that has to be stored as device name and each day a new folder has to be created as mm/dd/year.

    By so, all backup’s that happened yesterday should be under 07/04/2013 directory and the one for today should be under 07/05/2013.

    Need your assistance on this.

    Thanks much…

  • Ravi Patel Dec 17, 2015 @ 13:20

    Thanks a lot buddy, you saved a lot of my time.

  • Aline Giron Jan 11, 2016 @ 21:49

    I couldn’t resist commenting. Perfectly written!

  • Kian Mordaunt Jan 12, 2016 @ 6:02

    Great article.

  • John Feb 23, 2016 @ 11:41

    I want to schedule auto file copy with crontab and sshpass. The file is order than 3 days. Here is the code but not working:
    00 00 * * * find /home/username/folder -mtime +3 -exec scp {} sshpass -p 0000 remotesrver@myipaddress \;
    00 00 * * * sshpass -p 0000 find/home/username/folder -mtime +3 -exec {} scp remoteserver@ipaddress \;

    Both commands are not working. Help

  • Anthony Apr 12, 2016 @ 16:42

    This is exactly what I was looking for. Oh! and thanks for mentioning the “StrictHostKeyChecking” part, that was helpful as well.

    Saw the security risks too, will keep that in mind.

  • Fox Feb 24, 2017 @ 14:05

    Is there a way to set a remote dir when using sshpass, so that after login I cd into a specified directory, please?

  • Andrea Apr 11, 2017 @ 11:30

    Does it works for the cert’s passphrase too ?
    $ ssh -i key.txt user@host

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.