Posted inUS_1

How to SSH into Server with Username and Password Using Autossh

No Comments

Secure Shell (SSH) is a vital protocol for securely accessing and managing remote servers. While SSH keys offer enhanced security, password authentication remains a common and sometimes necessary method. This article will guide you on how to efficiently SSH into servers using usernames and passwords, leveraging the autossh tool to streamline the process.

autossh is a command-line utility designed to simplify and enhance your SSH workflow, particularly when dealing with password-based authentication. It allows you to store server connection details, including usernames and passwords (encrypted for security), and quickly log in to your servers with ease. This tool is especially useful for users who frequently access multiple servers and need a fast and organized way to manage their SSH connections.

Getting Started with Autossh

Before diving into usage, ensure autossh is installed on your local machine.

For Unix-like systems (macOS, Linux):

autossh relies on passh for password handling in Unix environments. You’ll need to install both. Installation methods vary depending on your distribution, but common approaches include using package managers like apt, yum, or brew.

For Windows:

On Windows, autossh utilizes putty.exe, a popular SSH and Telnet client. Download putty.exe from the official PuTTY website and place it in the same directory as the autossh executable for seamless operation.

Basic Autossh Commands

Let’s explore the fundamental autossh commands to manage your server connections.

Adding Server Profiles

The add command is used to store server connection details. This includes a nickname for the server, username, IP address, and password.

autossh add -u [username] -p [password] -i [server_ip_address] -n [server_nickname]
  • -u or --user: Specifies the username for SSH login.
  • -p or --password: Sets the password for authentication. Note: Passwords are stored in plaintext by default but can be encrypted using the ASKEY environment variable (more on security later).
  • -i or --ip: Indicates the IP address of the remote server.
  • -n or --note: Allows you to add a nickname or note to identify the server easily. This is helpful when managing multiple server profiles.

Example:

To add a server with the nickname “ubuntu-server”, username “admin”, password “securepassword”, and IP address “192.168.1.100”, you would use:

autossh add -u admin -p securepassword -i 192.168.1.100 -n ubuntu-server

After successfully adding a server, autossh will display a table summarizing the stored connection details, including an index number that you’ll use for subsequent commands.

Removing Server Profiles

The rm, remove, delete, or del command is used to delete stored server profiles. You can remove profiles by specifying their index number.

autossh rm -i [index_number]
  • -i or --index: Specifies the index number of the server profile to remove, as listed in the autossh ls command output.

Example:

To remove the server profile with index number 1, use:

autossh rm -i 1

You can remove multiple profiles at once by providing a space-separated list of index numbers.

Listing Server Profiles

The ls or list or l command displays a list of all stored server profiles, showing their index, nickname, username, IP address, and port.

autossh ls

To view passwords along with other details (use with caution due to security implications), use the -a or --all option:

autossh ls --all

Logging into Servers

The login command initiates an SSH connection to a server using its index number.

autossh login -i [index_number]
  • -i or --index: Specifies the index number of the server profile to connect to.

Example:

To log in to the server profile with index 1, use:

autossh login -i 1

autossh will automatically use the stored username and password to establish the SSH connection.

Backup and Restore

autossh stores server profile data in a TOML file named .autossh.toml located in your home directory ($HOME on Unix-like systems, ~ on Windows). You can manually back up this file to preserve your server connection profiles.

To find the exact location of the record file, you can use the debug mode:

RUST_LOG=DEBUG autossh list

This command will output debug information, including the path to the .autossh.toml file. You can then back up or restore this file as needed.

Security Considerations

By default, autossh stores passwords in plaintext within the .autossh.toml file. For enhanced security, it is highly recommended to encrypt the passwords.

To enable password encryption, set the ASKEY environment variable to a secret key before using autossh.

On Unix-like systems (Bash):

export ASKEY="YourSecretEncryptionKey"

On Windows (CMD):

set ASKEY="YourSecretEncryptionKey"

Replace "YourSecretEncryptionKey" with a strong, unique secret key. Once ASKEY is set, any passwords added to autossh will be encrypted using this key. Ensure you keep this key secure, as it is needed to decrypt the passwords for login.

export ASKEY="protected"
autossh add -u idhyt -p password -i 1.2.3.4 -n ubuntu
autossh list --all
cat ~/.autossh.toml | grep password

By utilizing autossh and understanding its features, you can significantly simplify and secure your workflow for SSHing into servers with usernames and passwords. Remember to prioritize security by encrypting your stored passwords using the ASKEY environment variable.

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *