Tag Archives: pty

Scripting ssh and git securely with Python

Some programs such as SSH ask for password and key passphrase via TTY (rather than STDIN), which is not supported by Python’s subprocess.Popen() call – the otherwise recommended, convenient way or running programs in a separate process.

This issue also arises when using SSH and PKI keys with git, to secure communications with a git server without an username and password.

This example illustrates use of pty.fork() from Python stdlib to support communications with a child process via a tty (a pty, actually).

"Run git clone using pki key with passphrase."
import pty, os, sys, select
def waitfor(fd, str):
"poll the child for input"
poll = select.poll()
poll.register(fd, select.POLLIN)
while True:
evt = poll.poll()
if str in os.read(fd, 1024):
if __name__=="__main__":
# run this from shell with git url,target path & key passphrase
giturl, path, passphrase = sys.argv[1:4]
pid, fd = pty.fork()
# executed in child
if pid == 0:
os.execvp("git", ["git", "clone", giturl, path])
# executed in parent
elif pid > 0:
waitfor(fd, "Enter passphrase")
os.write(fd, passphrase + "\n")
waitfor(fd, "Resolving deltas: 100%")
view raw gistfile1.py hosted with ❤ by GitHub

There’s also some more explanations on how pty.fork() works, from Stack Overflow. Furthermore, Paul Mikesell has written an extensive article on scripting SSH with Python.