Test Passwordless SSH Authentication


This post is in the category: Scripts

Short scripts - usually bash or something else Linux-y


I needed a way to test if I have a passwordless way to authenticate to another SSH system. This script is written in expect and basically attempts to ssh into the specified host. It assumes the user prompt will contain user@host.

I should also note that I wrote this with the intention of using it as a Nagios plugin for ssh checks. That is why it exists with the code of 2 (critical) or 3 (unknown) when there are problems.

#!/usr/bin/expect
 
if {[llength $argv] != 2} {
	puts "usage: ssh_test.exp user host"
	exit 3
}
 
log_user 0
 
set user [lindex $argv 0]
set host [lindex $argv 1]
 
spawn ssh $user@$host
 
expect {
	"$user@$host" {
		send "date > ~/.ssh_test\n"
		sleep 0.25
		send "exit\n"
		puts "SSH test completed."
		exit 0
	}
 
	"Password:" {
		send \003
		puts "Password prompt detected.  Check SSH keys."
		exit 2
	}
 
	"Could not resolve hostname" {
		puts "Could not resolve hostname."
		exit 2
	}
 
	"No route to host" {
		puts "No route to host."
		exit 2
	}
 
	"ECDSA key fingerprint" {
		send "no\n"
		puts "Remote machine not in known_hosts file."
		exit 2
	}
}
 
puts "Unknown response."
exit 3
This entry was posted in Scripts and tagged on by .

About Andrew Wells

I have been developing on the LAMP stack since about 2006. I run Ubuntu XFCE on my desktop and have a history of managing Ubuntu and CentOS servers. I code web applications mostly in PHP but have experience with other languages as well. When I'm not working, I can be found working in my home lab or out snowboarding, hiking, camping, or biking depending on the season.

Leave a Reply

Your email address will not be published. Required fields are marked *