Our great sponsors
-
event-driven-servers
A collection of event-driven servers (currently: tac_plus, tac_plus-ng, ftpd, tcprelay)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Author here. I don't claim sshpass is "broken by design". I claim it is brittle as it relies on the detection of a password prompt. passh author has several examples here: https://github.com/clarkwang/passh/blob/master/sshpass-broke....
There is an implementation with an extension: https://github.com/MarcJHuber/event-driven-servers/wiki/TACA.... But I don't know if there are any supported clients.
Another possibility would be to use CA certificates for authentication and only TACACS+ for authorization and accounting. Juniper now supports CA certificates. Cisco may in 10 years.