How to Force OpenSSH to Prompt for Username Instead of Using Default Local Username


2 views

When connecting to a remote server using SSH, the client typically defaults to using your local system username if no login name is specified. For example:

cogan@localhost$ ssh myserver
cogan@myserver's password:

This automatic username selection can be inconvenient when you need to connect with different user accounts or when scripting SSH connections.

There are several approaches to make SSH prompt for a username:

Method 1: Using the -l Option

The simplest way is to use the -l flag with an empty string:

ssh -l "" myserver

This will force SSH to prompt for both username and password.

Method 2: SSH Configuration

Add this to your ~/.ssh/config file:

Host *
    User ""

Now all SSH connections will prompt for username.

Method 3: Shell Alias

Create a convenient alias in your shell configuration:

alias sshprompt='ssh -l ""'

For automation scenarios, you might want to combine this with other tools:

#!/bin/bash
read -p "Enter username: " username
ssh -l "$username" myserver

While forcing username prompts can be useful, remember:

  • This approach may store the username in shell history
  • Consider using SSH keys for automated connections
  • Be cautious when using this in scripts that might expose credentials

For more complex scenarios, you can use Expect:

#!/usr/bin/expect -f
spawn ssh myserver
expect "login:"
send "$username\r"
expect "Password:"
send "$password\r"
interact

When connecting via SSH without explicitly specifying a username, OpenSSH automatically attempts to authenticate using your local system username. For example:

$ ssh example.com
john@example.com's password:

In this case, the client automatically uses "john" (the local username) for authentication on the remote server. While convenient in some cases, this behavior can be problematic when:

  • You need to connect as different users frequently
  • Your local username differs from remote server usernames
  • You're writing scripts that require explicit username input

There are several effective methods to override this default behavior:

Method 1: Using -l Option with Empty Value

The most straightforward solution is to use the -l flag with an empty argument:

ssh -l '' example.com

This forces SSH to prompt for both username and password:

login as: 
user@example.com's password:

Method 2: Configuration File Solution

For permanent configuration, add this to your ~/.ssh/config:

Host *
    User ''

This makes SSH prompt for username for all connections. To make it host-specific:

Host example.com
    User ''

Method 3: Wrapper Script Approach

Create a bash script named ssh-prompt:

#!/bin/bash
read -p "Enter username: " username
ssh -l "$username" "$@"

Make it executable and use it instead of regular SSH:

chmod +x ssh-prompt
./ssh-prompt example.com

Using SSH with Different Environments

When working across multiple environments (like containers or CI systems), you might need to combine these techniques:

#!/bin/bash
# For CI environments with preset variables
if [ -z "$SSH_USER" ]; then
    ssh -l '' "$@"
else
    ssh -l "$SSH_USER" "$@"
fi

Expect Script for Automation

For automated systems that still need username input:

#!/usr/bin/expect -f
spawn ssh -l '' example.com
expect "login as:"
send "$env(SSH_USER)\r"
expect "password:"
send "$env(SSH_PASS)\r"
interact
  • Permission issues: Ensure ~/.ssh/config has 600 permissions
  • SSH config precedence: Later declarations override earlier ones
  • Passwordless authentication: These methods work with key-based auth too