The canonical way to solve this is to pipe something into your command,
for example the Linux command `yes` (at `/usr/bin/yes`) echos `y` followed
by a carriage return indefinitely. This can be used to answer `(y/N)`
prompts thusly:
/usr/bin/yes | apt-get install something
(most programs have a --assume-yet, or --force flag, which achieves the
same thing)
to answer your question, you could use ask() to get the totp code into a
variable, and then do something like:
echo "#{nyvariable}" | my-command-that-wants-the-totp code
Note however that many things (passwd, sudo, etc) will refuse to read a
password from stdin, because it's considered very, very poor practice.
Also, you will have a very, very hard time to modify Capistrano to ask this
when SSHing into a machine. Ask yourself what you are really gaining by
adding a 6 byte TOTP token, plus a huge unverified PAM module, to what are
already 2048+bit keys with a well proven system in SSH. It would be better,
however impossible to have your server enforce that SSH keys are
passphrased, which you can't solve with technology, just education and
enforcement within your team.
With all this said, you might be interested in a newish feature of
Capistrano & SSHKit
https://github.com/capistrano/sshkit#using-the-sshkitmappinginteractionhandler
- note however, that needing something like this is a sign that your
deployment environment is most likely poorly designed. TOTP in cases like
this is pseudo security.
Lee Hambley
http://lee.hambley.name/
+49 (0) 170 298 5667
On 21 July 2015 at 08:51, Rodrigo Dominguez <[email protected]> wrote:
> Versions:
>
> - Ruby 2.1.6
> - Capistrano 3.4.0
>
> Platform:
>
> - Linux
>
> Files:
>
> - deploy.rb
>
>
> I'm wondering if there is a way to automatic enter info on server when it
> requests.
>
>
> To give some background, I added Two Factor Auth with google authenticator
> on some servers.
>
>
> When I deploy just to one server, it asks me for:
>
>
> Password:
> Verification Code:
>
> Which I enter manually (a password for Password, a code for Verification
> Code) and the deploy is made without major problems.
>
>
> When I have to deploy to more than one server at the same time, it asks me
> for:
>
>
> Password: Password:
>
>
> and whatever I enter it always break.
>
>
> So I'm wondering if I can make the deploy scripts to automatic enter some
> text when it seems "Password:" and "Verification Code:" automatically, by
> doing that, I'm planing to ask for password and google token when the
> deploy process start, and when the remote server asks for Password: and
> Verification Code: to automatically enter the data I supplied for password
> and verification code.
>
>
> Thank you
>
>
> Rod
>
> --
> You received this message because you are subscribed to the Google Groups
> "Capistrano" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web, visit
> https://groups.google.com/d/msgid/capistrano/8fd0799f-90fe-4f22-a29b-1981a6071348%40googlegroups.com
> <https://groups.google.com/d/msgid/capistrano/8fd0799f-90fe-4f22-a29b-1981a6071348%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Capistrano" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web, visit
https://groups.google.com/d/msgid/capistrano/CAN_%2BVLVCP5_1D_QRUAXa0LHC_CqPXLbp0%2B1-R2S2hyF_GGbq_g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
