Shell – How to type in password for multiple windows

gnome-terminalgnome3shell-scriptsshvagrant

I have a script that starts my vagrant machine, opens up multiple terminals and connects to the vagrant machine via ssh in every newly opened terminal. My problem is that I need about five terminals, and I don't want to type in the password for each terminal manually. Is there a way to get prompted for the password only once in the main terminal, and use the same password for the ssh command?

#!/bin/bash
cd /home/kkri/public_html/freitag/vagrant
vagrant up
for run in $(seq 1 $1)
 do
  gnome-terminal --window-with-profile=dark -e "ssh vagrant@localhost -p 2222" --$
 done
gnome-terminal --window-with-profile=git          
clear
echo "~~~ Have fun! ~~~"

Best Answer

In general (ignoring vagrant or other system-specific details) your best bet is to set up authentication with SSH keys, and run ssh-agent. Then open the ssh sessions with something like:

# load the key to the agent with a 10 s timeout
# this asks for the key passphrase
ssh-add -t10  ~/.ssh/id_rsa  
for x in 1 2 3 ; do 
    ssh .... 
done

Or, if you can't use keys, you could rig something up with sshpass.

read -p "Enter password: " -s SSHPASS ; echo
for x in 1 2 3 ; do 
    sshpass -e ssh ...
done
unset SSHPASS

Though with the terminal in the middle, this would leave the password set in the terminal's environment. To work around that, you could save the password temporarily in a file:

read -p "Enter password: " -s SSHPASS ; echo
PWFILE=~/.ssh/secret_password
cat <<< "$SSHPASS" > "$PWFILE"
unset SSHPASS
for x in 1 2 3 ; do 
    sshpass -f "$PWFILE" ssh ...
done
shred --remove "$PWFILE"

This still isn't optimal since there's a chance the password hits the disk, so keys would be better.

Related Solutions

Ubuntu – Gnome-terminal custom command and dynamic working directory

As Gilles mentioned in a comment, setting the SHELL variable works as well. It does not have downside of my other answer. Here are the details:

Create .xsessionrc in your home directory with contents:
```
SHELL=/usr/bin/fish
```
Disable custom command in gnome-terminal profile options.
Log out and in again.

Gnome-terminal should respect the variable and use that custom command. It does for me on Ubuntu 16.04.1 and solves the working directory problem.

Shell – How to reuse sudo for a series of commands in a bash script

Is timestamp_type in /etc/sudoers or /etc/sudoers.d/* set to tty or ppid? tty is the default according to sudo's man page:

timestamp_type - sudoers uses per-user time stamp files for credential caching. The timestamp_type option can be used to specify the type of time stamp record used. It has the following possible values:

global A single time stamp record is used for all of a user's login sessions, regardless of the terminal or parent process ID. An additional record is used to serialize password prompts when sudo is used multiple times in a pipeline, but this does not affect authentication.

ppid A single time stamp record is used for all processes with the same parent process ID (usually the shell). Commands run from the same shell (or other common parent process) will not require a password for timestamp_timeout minutes (15 by default). Commands run via sudo with a different parent process ID, for example from a shell script, will be authenticated separately.

tty One time stamp record is used for each terminal, which means that a user's login sessions are authenticated separately. If no terminal is present, the behavior is the same as ppid. Commands run from the same terminal will not require a password for timestamp_timeout minutes (15 by default).

The default value is tty.

This setting is only supported by version 1.8.21 or higher.

If it is set to tty or ppid, then that explains why you're being asked for a password every time. Each sudo command you're running is being executed in a separate gnome-terminal, and thus a separate tty AND a different parent PID.

Looks like global is the only setting that will allow what you want.

If that doesn't help, what's your timestamp_timeout setting? Is it set to 0? The default should be 15 minutes.

Also check the other timestamp* settings (timestampdir, timestampowner). They could cause this problem if timestampdir (the default on my debian sid system is /run/sudo/ts) doesn't exist or is not rwX by timestampowner (default root).

sudo will log a descriptive error message via syslog and email the administrator (root) if these settings result in an error.

One other option is to edit /etc/sudoers so that your user can run iftop without needing to enter your password. e.g.

yourusernamehere ALL= NOPASSWD: /usr/sbin/iftop

See How to run a specific program as root without a password prompt? for more details on this.

Best Answer

Related Solutions

Ubuntu – Gnome-terminal custom command and dynamic working directory

Shell – How to reuse sudo for a series of commands in a bash script

Related Question