Ubuntu – How to avoid having to enter a password for an scp command by hard-coding the password into the script

bashcommand linepasswordscpscripts

I've created a bash script that sometimes need me to enter some information (other machine password / username) when I run it.

Is there a way to prevent this by entering (hard-coding) this information in the code? In this way when I execute it, it will run smoothly without asking me to input anything.

This is the command:

scp /home/machine1/backup/test.txt /home/machine2/backup

Instead of typing the machine2 password, I want to hard code it in my script.

Best Answer

SSH key authentication is convenient and secure

Please do not hardcode a password into the shellscript, because it is easy for other people to read it.

  • Login with key authentication to ssh is what you need.

    This way you need no password, and it is more secure too. This is particularly important if the computer is visible on the internet. If you don't think it's important, try logging the login attempts you get for the next week.

    • Running


      you will probably be offered to protect the key with a passphrase.

    • Don't do it (press Enter to continue without a passphrase when ssh-keygen asks), because you don't want to type any password or passphrase when you run the script and arrive at the scp command line.

      Without key authentication and with clear-text passwords, it is very important to have strict permissions on the shellscript and it is a good idea also for security related shellscripts without a clear-text passphrase. The default permissions for a script file (when created somewhere in your home directory) is probably 644

      $ ls -l shellscript 
      -rw-r--r-- 1 sudodus sudodus 349 dec 23 10:54 shellscript

      and you may give your script files execute permissions for everybody, 755

      $ chmod 755 shellscript
      $ ls -l shellscript 
      -rwxr-xr-x 1 sudodus sudodus 349 dec 23 10:54 shellscript

      but you had better cut it down to 600, no permission except for your own userID, and no execute permission at all

      $ chmod 600 shellscript 
      $ ls -l shellscript
      -rw------- 1 sudodus sudodus 349 dec 23 10:54 shellscript

      and you cannot run it directly with ./shellscript, so use

      bash shellscript       # when shellscript in the current directory
      bash path-to-shellscript/shellscript  # from other directories
    • Do it (enter a passphrase when ssh-keygen asks) if you want higher security, because your private key will be protected (encrypted with the passphrase), but then you have to type the passphrase, when you run the script with scp.

    • You must copy a key file, for example with

      ssh-copy-id <username>@<host>
    • scp uses ssh for data transfer. So when the keys are in place, it should work without a password.

  • Every linux machine can be made an ssh server by installing openssh-server, in Ubuntu with apt,

    sudo apt update
    sudo apt install openssh-server