Brew - sshpass security

Question

i come from linux and i know that for automatize shh logins we can use sshpass.

Looking for the sshpass command on MacOS i get this message:

machine0:~ roberto$ brew search sshpass
We won't add sshpass because it makes it too easy for novice SSH users to
ruin SSH's security.

So what is an alternative to reproduce the sshpass behavior with minimal effort?

I need sshpass to store multiple ssh sessions in my iTerm profiles:

You had two questions in here. This site works better when there is only one question per question. That way, it's easier for other people to find solutions if they have the same problem. I've edited out your second question, but feel free to ask it separately. — nohillside, Jul 22 '19 at 17:27
Do things like https://stackoverflow.com/questions/32255660/how-to-install-sshpass-on-mac, https://serverfault.com/questions/74158/how-can-you-do-a-one-liner-with-sftp-to-login-with-the-password-on-the-same-line, https://stackoverflow.com/questions/50096/how-to-pass-password-to-scp help? Is there a specific need for logging in with a password or would using a public/private key pair work as well? — nohillside, Jul 22 '19 at 17:29
Sorry you are right, i was thinking questions was strictly linked but it's bettere asking in 2 different question. Thank you for your edit — Roberto Manfreda, Jul 22 '19 at 17:30
https://github.com/Homebrew/brew/issues/4198 might help as well. — nohillside, Jul 22 '19 at 17:31
I'm trying to cretate different profiles on iterm session to store all my shh accesses... Don't know if it's a good choice or not due to security reasons.. I'll investigate if i can use private public keys... I'll add some example in the question when i'm at home :) — Roberto Manfreda, Jul 22 '19 at 17:32
Looking at your screenshot it's probably exactly the reason for the note you get when you install it. It will store your passwords onto the disk in plaintext. — nohillside, Jul 23 '19 at 12:25
Do you have some advice for me??? What should be the correct (secure) way to accomplish that? — Roberto Manfreda, Jul 23 '19 at 12:29
Using this method i'm able to accomplish the task specified in my question!!! But i have no idea about security holes i'm introducing doing that!!!! — Roberto Manfreda, Jul 23 '19 at 12:32
The security hole is the password as seen in your screenshot. To resolve this the standard approach is to use public/private key pairs (which for extra security can be protected by a password as well which can be read from Keychain automatically). — nohillside, Jul 23 '19 at 12:39
Ok, now i'm understanding! Thank you so much for your effort.. i will use public/private key pair! :) — Roberto Manfreda, Jul 23 '19 at 12:45

score 4 · Accepted Answer · answered Jul 23 '19 at 10:06

Even though Homebrew has blacklisted sshpass, you can still install it through third-party formula such as hudochenkov's:

brew install hudochenkov/sshpass/sshpass

There are several things to consider before doing this though:

It's a third-party formula which may not be updated as routinely as the brew core, so you could potentially miss out on key security updates.
SSHPass has been blocked for a reason, it's bad practice and there's likely to be a solution other than SSHPass - the page for SSHPass even states that:

Most user should use SSH's more secure public key authentiaction instead

Sourceforge

Brew - sshpass security

1 Answers1