在下面的例子中，我将写下我使用的解决方案:

场景:我想用sh脚本从服务器复制文件:

#!/usr/bin/expect
$PASSWORD=password
my_script=$(expect -c "spawn scp userName@server-name:path/file.txt /home/Amine/Bureau/trash/test/
expect \"password:\"
send \"$PASSWORD\r\"
expect \"#\"
send \"exit \r\"
")

echo "$my_script"

# create a file that echo's out your password .. you may need to get crazy with escape chars or for extra credit put ASCII in your password...
echo "echo YerPasswordhere" > /tmp/1
chmod 777 /tmp/1

# sets some vars for ssh to play nice with something to do with GUI but here we are using it to pass creds.
export SSH_ASKPASS="/tmp/1"
export DISPLAY=YOURDOINGITWRONG
setsid ssh root@owned.com -p 22

参考:https://www.linkedin.com/pulse/youre-doing-wrong-ssh-plain-text-credentials-robert-mccurdy?trk=mp-reader-card

使用公钥认证:https://help.ubuntu.com/community/SSH/OpenSSH/Keys

在源主机中只运行一次:

ssh-keygen -t rsa # ENTER to every field
ssh-copy-id myname@somehost

这就是全部，之后你就可以不用密码使用ssh了。

安全性更高的Sshpass

我在寻找ssh进入瘫痪服务器的方法时偶然发现了这个线程——处理ssh连接尝试花了一分钟多，在我输入密码之前超时了。在本例中，我希望能够在提示可用时立即提供我的密码。

(如果还不清楚的话:服务器处于这种状态，再设置公钥登录就太迟了。)

Sshpass来救援。但是，有比sshpass -p更好的方法。

我的实现直接跳到交互式密码提示(不会浪费时间查看是否可以进行公钥交换)，并且从不以纯文本的形式显示密码。

#!/bin/sh
# preempt-ssh.sh
# usage: same arguments that you'd pass to ssh normally
echo "You're going to run (with our additions) ssh $@"

# Read password interactively and save it to the environment
read -s -p "Password to use: " SSHPASS 
export SSHPASS

# have sshpass load the password from the environment, and skip public key auth
# all other args come directly from the input
sshpass -e ssh -o PreferredAuthentications=keyboard-interactive -o PubkeyAuthentication=no "$@"

# clear the exported variable containing the password
unset SSHPASS

您可以使用expect脚本。我没有写一个在相当长的一段时间，但它应该如下所示。您需要在脚本前面加上#!/usr/bin/expect

#!/usr/bin/expect -f
spawn ssh HOSTNAME
expect "login:" 
send "username\r"
expect "Password:"
send "password\r"
interact

如果您在Windows系统上执行此操作，您可以使用Plink (PuTTY的一部分)。

plink your_username@yourhost -pw your_password