pexpect.spawn('sudo ssh somehost') asks for sudo password every time

Question

I have a series of bash scripts that rely on sudo to ssh/scp some host with root privileges.

So I made a python script sshOK that uses pexpect to handle all the nitty gritty of sshing a host, such as answering yes to store keys and return true if the host is available for ssh and all is OK.

However, I'm asked for the password every time with sudo inside the python pexpect.spawn, instead of once every five minutes when the sudo is called with inside the bash scripts.

Is there some way to call

child=pexpect.spawn('sudo ssh somehost', Pty=get_parent_pty())

or similar inside my python script sshOK that makes the shell I'm running sshOK in remember that autorization? From what I've RTFM'ed about sudo the pexpect call needs to share pseudo terminal to inherit the credentials or something like that. The desired behavior is:

[foo@bar bin]$ sshOK somehost
[sudo] password for foo:
Try ssh            on somehost   testing connection              [--OK--]
[foo@bar bin]$ sshOK somehost
Try ssh            on somehost   testing connection              [--OK--]
[foo@bar bin]$

and not

[foo@bar bin]$ sshOK somehost
[sudo] password for foo:
Try ssh            on somehost   testing connection              [--OK--]
[foo@bar bin]$ sshOK somehost
[sudo] password for foo:
Try ssh            on somehost   testing connection              [--OK--]
[foo@bar bin]$

The goal is to replace the bash scripts later on with more python and pexpect, but right now the hurdle is to be able to call the same script more than once without having to type the password ad nauseam.

The alternative is to extract the parts that use pexpect to a separate script, add that script to sudoers and let the whole script run elevated. Adding ssh keys for every user is not an option.

Answer 1

It seems that the correct answer is...

no

All the communication happens in separate and completely disjoint [pt]ty's. Credentials can not be transfered and the pty created by pexpect can not be linked to the tty the script is run in.