Apparently, it is possible (according to post #3 at that link). The trick is in the authorized_keys file format. There are several options that allow the server to restrict SSH features based on what key was used to authenticate. The "command=" option allows the server administrator to attach a restriction on the public key -- something like
"any incoming connections that authenticate with this key will execute this command, regardless of what command might have been requested by the user".
It might prevent the execution of standard SCP and SFTP, but if it provides an interactive shell there's probably a way around it:
$ ssh user@host 'cat /some/where/whatiwant.txt' > igotit.txt
I will assume that these are all Linux hosts and that you have root access to them. I will also assume that they are using apt
for package management, but it is easy to apply this solution with yum
or pacman
or any other package manager.
As far as I know, ssh
offers no way of specifying a password on the command line so first you will need to install sshpass
on your local machine:
sudo apt-get install sshpass
This will allow you to pass the password as a command line argument:
sshpass -p '<password>' ssh user@server
Now, create a file with all the IPs you are interested in, one per line. You can parse this file to install sshpass
on each remote machine. If your password is foo
and you are connecting as root
, you can do
while read ip; do
sshpass -p 'foo' ssh root@$ip "apt-get install sshpass";
done < ips.txt
sshpass
is now installed on each server. Now, go through the servers again, and copy your files. If you are copying as root
and the root
password for your destination
is bar
, do this:
while read ip; do
sshpass -p 'foo' ssh root@$ip "sshpass -p 'bar' scp files dest:/results/";
done < ips.txt
You can also use sshpass
to copỳ your key files and --as long as you've used an empty passphrase-- allow passwordless access so you don't have this problem next time around:
while read ip; do
sshpass -p 'foo' ssh root@$ip \
"sshpass -p 'bar' ssh-copy-id -i ~/.ssh/id_rsa.pub root@destination";
done < ips.txt
Once that is done, you will be able to copy the files over using:
while read ip; do ssh root@$ip "scp files dest:/results/"; done < ips.txt
Best Answer
I think SSH session sharing would be useful in this situation. It allows you to open multiple sessions over a single connection so that you only have to enter your password once. In your .ssh/config:
So you could open one terminal, SSH into your server, and run your editor. Then you could open another terminal, SSH into the same server using the shared connection, and run make and scp from there. More info: