I have a script that collects information from multiple ssh hosts at once, so it needs the ssh passphrase to be unlocked and loaded into ssh-agent before spawning connections in parallel. All hosts have the public key installed.
Collecting remote info in parallel is achieved like this, given a list of hosts as $hostlist:
remote_infos=$(while read -r host; do ssh -nTq "$host" "$some_command" & done <<< "$hostlist"; wait) However, if the ssh passphrase was not unlocked, it will ask it for all hosts, not just the first one, and also the prompting for passwords will look messy.
Is there a fast way to unlock that passphrase from the script only if it is not already unlocked?
I can simply run ssh -nTq "$host" true on the first host beforehand, but it seems too much (and slow) to establish a full ssh connection just for this.
Alternatively, I can run ssh-add but that will prompt for the passphrase even if it was already added. I could maybe parse ssh-add -l to avoid that, but is there an better way?
Optional question: is there a solution for password authentication? I have seen mentions of sshpass but it does not seem very secure to do that.
ssh-add. The problem are the parallel connections, if you don't wait for the first password to be entered all connections are basically asking at the same time. Forgoing the parallel connections would be another option.