Actually, an even better solution would be to set up public keys WITH a password, then simply use an "ssh-agent" to keep it in memory. That way, you can leave the processes to do what deeds they will, and the keys are still protected with a password in the event they are stolen.
On Nov 15, Jesse Rosenthal wrote: > Whatever I do, though, I'll need to use pexpect to spawn the > processes, since I'll need to log in to ssh servers with a password. You might save yourself this effort by setting up ssh for non-interactive use with keys instead of password authentication: $ cd ~/.ssh $ chmod 700 . $ ssh-keygen -t rsa # just keep pressing <enter> $ cp id_rsa.pub authorized_keys2 -- http://mail.python.org/mailman/listinfo/python-list
