At work, I access both a remote system via SSH and some web interfaces that login through LDAP. I use 1password to manage my passwords, but I can't seem to find a simple way to input the password from the password manager to SSH. I saw sshpass but it can show the password in ps, which is really bad security, and also doesn't work in my case. Is there any way to input a password from an external program or script through SSH directly, or are there facilities within SSH that I can leverage and keep the passwords in sync? Such as keeping a key file that I unlock for SSH that has the same password, which is updated whenever I update the password. Note I can't directly use keys to log into the system because it's not built to support it.
Edit: One commenter pointed out that sshpass will show the password in ps, which is a no-go. I also can't directly alias ssh to something like sshpass ... ssh because I do still log into systems that use keys.
Edit 2: I got confirmation that a password manager is okay, and I attempted to use sshpass with a file descriptor to log into the server but it doesn't seem to work — instead of giving me a prompt to enter my RSA token, I just get nothing, which makes me think it doesn't run through the same code and won't accept sshpass.
Best Answer
sshpassdoes not have to show the password in the ps. It might read it an environment variable:or from a file: