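I am trying to run ssh-add from a script (security is not a concern at this point).
ssh now prompts for the passphrase, which needs to be automated, so I read a number of things, such as this, and discovered expect.
So now I do the following:
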
eval `ssh-agent -s`
The script tmp.sh is defined as:

#!/usr/bin/expect
spawn ssh-add /root/.ssh/id_rsa
expect "Enter passphrase for /root/.ssh/id_rsa:"
send "my_pass"
interact
./tmp.sh
ssh-add -l
If ssh-add had worked, it would show something like
4096 SHA256:wlfP/nhVSWXLcljBOen5GSYZXJGgfi/XJWfZeBwqRsM id_rsa (RSA)
But instead I get "The agent has no identities." It seems ssh-agent has lost its context.
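Personally, I find using expect a bit cumbersome. I found the following approach, from "how to make ssh-add read passphrase from a file", quite informative.
So if your version of ssh-add allows the -p argument and you are not worried about security, then this should work:
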
#!/bin/bash
# store a file somewheres with your passphrase. For example's sake
# I'll just use $HOME/.myscrt
<$HOME/.myscrt ssh-add -p ~/.ssh/id_rsa
Now, if -p does not work for you, I found the second method rather ingenious:

#!/bin/bash
# Same passfile and some minor enhancements from the OP of the linked
# solution
PASS="$(<$HOME/.myscrt)"
# the following is just a one-liner method of making an executable
# one-line script echoing the password to STDOUT
install -vm700 <(echo "echo $PASS") "$PWD/ps.sh"
# then the magic happens. NOTE: your DISPLAY variable should be set
# for this method to work (see ssh-add(1))
[[ -z "$DISPLAY" ]] && export DISPLAY=:0
< id_rsa SSH_ASKPASS="$PWD/ps.sh" ssh-add - && shred -n3 -uz $PWD/ps.sh
When I tested the script I called it "j"; see below:

$cd /tmp
$ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/me/.ssh/id_rsa): /tmp/id_rsa
Enter passphrase (empty for no passphrase): asdfasdf
Enter same passphrase again: asdfasdf
Your identification has been saved in /tmp/id_rsa.
Your public key has been saved in /tmp/id_rsa.pub.
The key fingerprint is:
ed:1a:ae:c7:ac:47:5e:31:98:8e:18:8f:1c:67:94:6d jimconn@redapt-240
The key's randomart image is:
+--[ RSA 2048]----+
| o |
| o E |
| . . o |
| o o o.o |
| . O oS .o |
| + o o.. |
| =... |
| .*o |
| o=o |
+-----------------+
$echo 'asdfasdf' > ~/.myscrt
$chmod 0600 ~/.myscrt
$ls -altr ~/.myscrt
-rw------- 1 me me 9 Feb 16 19:00 /home/me/.myscrt
$cat ~/.myscrt
asdfasdf
$ls -ltr
total 12
-rw-r--r-- 1 me me 400 Feb 16 18:59 id_rsa.pub
-rw------- 1 me me 1766 Feb 16 18:59 id_rsa
-rwx------ 1 me me 151 Feb 16 19:04 j
$cat j
#!/bin/bash
PASS="$(<$HOME/.myscrt)"
install -vm700 <(echo "echo $PASS") "$PWD/ps.sh"
cat id_rsa | SSH_ASKPASS="$PWD/ps.sh" ssh-add - && shred -n3 -uz $PWD/ps.sh
$./j
‘/dev/fd/63’ -> ‘/tmp/so/ps.sh’
Identity added: (stdin) ((stdin))
$ls
id_rsa id_rsa.pub j
So, one quick thing to note about this method is that listing the identities loaded into ssh-agent will only show that stdin was loaded:

$ssh-add -D
All identities removed.
$ssh-add -l
2048 ed:1a:ae:c7:ac:47:5e:31:98:8e:18:8f:1c:67:94:6d (stdin) (RSA)
$./j
‘/dev/fd/63’ -> ‘/tmp/so/ps.sh’
Identity added: (stdin) ((stdin))
$ssh-add -l
2048 ed:1a:ae:c7:ac:47:5e:31:98:8e:18:8f:1c:67:94:6d (stdin) (RSA)
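
A variant of the SSH_ASKPASS approach above, written as an added example (it is not code from the original posts). The helper reads the passphrase file when ssh-add calls it, so the passphrase is never copied into a second file. The function names and the SSH_PASSFILE variable are hypothetical; SSH_ASKPASS_REQUIRE is assumed to be available (OpenSSH 8.4 or later) and is ignored by older releases, which rely on DISPLAY being set.

```shell
#!/bin/bash
# Added example, not from the original page. make_askpass, add_key and
# SSH_PASSFILE are hypothetical names chosen for this illustration.

# Create a private askpass helper and print its path. The helper holds no
# secret: it prints the file named by $SSH_PASSFILE when it is executed, so
# characters such as $ or ` in the passphrase are never re-parsed by a shell.
make_askpass() {
    local helper
    helper=$(mktemp "${TMPDIR:-/tmp}/askpass.XXXXXX") || return 1  # mode 0600
    printf '#!/bin/sh\nexec cat -- "$SSH_PASSFILE"\n' > "$helper"
    chmod 700 "$helper"
    printf '%s\n' "$helper"
}

# Load key $1 into the agent, taking the passphrase from file $2.
add_key() {
    local key=$1 passfile=$2 helper rc
    # SSH_AUTH_SOCK only exists in the shell that evaluated ssh-agent's
    # output (and its children), so start an agent here if none is visible.
    [ -n "$SSH_AUTH_SOCK" ] || eval "$(ssh-agent -s)" >/dev/null
    helper=$(make_askpass) || return 1
    # With stdin not a terminal, ssh-add asks SSH_ASKPASS for the passphrase.
    SSH_PASSFILE=$passfile SSH_ASKPASS=$helper SSH_ASKPASS_REQUIRE=force \
        DISPLAY=${DISPLAY:-:0} ssh-add "$key" </dev/null
    rc=$?
    rm -f -- "$helper"   # nothing secret inside, so plain removal is enough
    return "$rc"
}

# Usage (constructed paths): add_key /tmp/id_rsa "$HOME/.myscrt" && ssh-add -l
```

Because the key is passed by path instead of on stdin, ssh-add -l lists it under its file name or key comment rather than (stdin).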