Linux: ssh-add from a bash script and automatically enter the passphrase

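I am trying to run ssh-add from a script (not concerned about security at the moment).

Now ssh prompts for a passphrase, which needs to be automated, so I read a few things, like and found

Now I do the following:

eval `ssh-agent -s`

The script tmp.sh is defined as:

#!/usr/bin/expect
spawn ssh-add /root/.ssh/id_rsa
expect "Enter passphrase for /root/.ssh/id_rsa:"
send "my_pass"
interact

/tmp.sh

ssh-add -l

If ssh-add had worked, it would display something like

4096 SHA256:wlfP/nhVSWXLcljBOen5GSYZXJGgfi/XJWFZBWQRSM id_rsa(rsa)

But instead I get

The agent has no identities.

It seems ssh-agent loses its context.

I am open to other solutions.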

Update, since the first solution did not work

I have not tried this, but if expect really does lose the context, setting it later might be a good idea:

auto-passphrase-add.expect (replaces tmp.sh)

ssh-agent-ssh-add.sh

#!/bin/sh
eval `ssh-agent -s`
ssh-add "$@"

Personally, I find the use of expect a bit cumbersome. The following approach provided a lot of information.

So, if your version of ssh-add allows the -p parameter and you are not worried about security, this should work:

#!/bin/bash
# store a file somewhere with your passphrase. For example's sake
# I'll just use $HOME/.myscrt

<"$HOME/.myscrt" ssh-add -p ~/.ssh/id_rsa

#!/bin/bash
# Same passfile and some minor enhancements from the OP of the linked
# solution
PASS="$(<"$HOME/.myscrt")"

# the following is just a one-liner method of making an executable
# one-line script echoing the password to STDOUT
install -vm700 <(echo "echo $PASS") "$PWD/ps.sh"

# then the magic happens. NOTE: your DISPLAY variable should be set
# for this method to work (see ssh-add(1))
[[ -z "$DISPLAY" ]] && export DISPLAY=:0
< id_rsa SSH_ASKPASS="$PWD/ps.sh" ssh-add - && shred -n3 -uz "$PWD/ps.sh"

When I tested the script, which I called "j", see the following:

$ cd /tmp
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/me/.ssh/id_rsa): /tmp/id_rsa
Enter passphrase (empty for no passphrase): asdfasdf
Enter same passphrase again: asdfasdf
Your identification has been saved in /tmp/id_rsa.
Your public key has been saved in /tmp/id_rsa.pub.
The key fingerprint is:
ed:1a:ae:c7:ac:47:5e:31:98:8e:18:8f:1c:67:94:6d jimconn@redapt-240
The key's randomart image is:
+--[ RSA 2048]----+
|       o         |
|      o E        |
|     . . o       |
|    o o o.o      |
|   . O oS .o     |
|    + o o..      |
|       =...      |
|       .*o       |
|      o=o        |
+-----------------+
$ echo 'asdfasdf' > ~/.myscrt
$ chmod 0600 ~/.myscrt
$ ls -altr ~/.myscrt
-rw------- 1 me me 9 Feb 16 19:00 /home/me/.myscrt
$ cat ~/.myscrt
asdfasdf
$ ls -ltr
total 12
-rw-r--r-- 1 me me  400 Feb 16 18:59 id_rsa.pub
-rw------- 1 me me 1766 Feb 16 18:59 id_rsa
-rwx------ 1 me me  151 Feb 16 19:04 j
$ cat j
#!/bin/bash
PASS="$(<$HOME/.myscrt)"
install -vm700 <(echo "echo $PASS") "$PWD/ps.sh"
cat id_rsa | SSH_ASKPASS="$PWD/ps.sh" ssh-add - && shred -n3 -uz     $PWD/ps.sh
$ ./j
‘/dev/fd/63’ -> ‘/tmp/so/ps.sh’
Identity added: (stdin) ((stdin))
$ ls
id_rsa  id_rsa.pub  j
$ ssh-add -D
All identities removed.
$ ssh-add -l
2048 ed:1a:ae:c7:ac:47:5e:31:98:8e:18:8f:1c:67:94:6d (stdin) (RSA)
$ ./j
‘/dev/fd/63’ -> ‘/tmp/so/ps.sh’
Identity added: (stdin) ((stdin))
$ ssh-add -l
2048 ed:1a:ae:c7:ac:47:5e:31:98:8e:18:8f:1c:67:94:6d (stdin) (RSA)

Comments:

Did you run eval `ssh-agent -s` or eval 'ssh-agent -s'?

I ran eval `ssh-agent -s`, but because of a formatting problem, I wish I had been able to write it that way.

If you don't care about security and are willing to store the passphrase in a file, you would be better off removing the passphrase from the key entirely.

Still needs "\n"; that was the first thing I tried.

Sometimes a program that prompts for a password cannot read it from regular standard input and needs a simulated TTY. That may not be the default behavior of "expect", but I think it has an option to emulate a TTY. Let's look at the man page to see whether there is such an option.

Let me try it in a moment.

Agent pid 37 spawn SSH_AUTH_SOCK=/tmp/ssh-Zmv2bGZUfCKp/agent.36 SSH_AGENT_PID=37 ssh-add /root/.ssh/id_rsa couldn't execute "SSH_AUTH_SOCK=/tmp/ssh-Zmv2bGZUfCKp/agent.36": no such file or directory while executing "spawn SSH_AUTH_SOCK=/tmp/ssh-Zmv2bGZUfCKp/agent.36 SSH_AGENT_PID=37 ssh-add /root/.ssh/id_rsa"

Can you try the second approach?

Yes, let me try it in docker. This may be a docker build issue, and it may take longer.
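
A variant of the SSH_ASKPASS approach from the second answer, as an added example that is not code from the original posts: the helper reads the passphrase file at run time instead of embedding the passphrase in an executable script, and it is removed even when ssh-add fails. The names make_askpass, add_key and KEY_PASSFILE are hypothetical, and SSH_ASKPASS_REQUIRE assumes OpenSSH 8.4 or later.

```bash
#!/bin/bash
# Added example: non-interactive ssh-add through SSH_ASKPASS.
# Hypothetical names: make_askpass, add_key, KEY_PASSFILE.

# Create a private helper that prints the first line of $KEY_PASSFILE.
# The passphrase is read at run time and never written into the helper.
make_askpass() {
    local dir helper
    dir=$(mktemp -d) || return 1          # mktemp -d gives a 0700 directory
    helper="$dir/askpass.sh"
    printf '#!/bin/sh\nhead -n 1 "$KEY_PASSFILE"\n' > "$helper"
    chmod 700 "$helper"
    printf '%s\n' "$helper"
}

# add_key KEYFILE PASSFILE: returns ssh-add's status, or 2 if PASSFILE is
# missing or its mode is not 600/400.
add_key() {
    local key=$1 passfile=$2 helper rc
    case $(stat -c '%a' "$passfile") in
        600|400) ;;
        *) echo "refusing $passfile: mode must be 600 or 400" >&2; return 2 ;;
    esac
    helper=$(make_askpass) || return 1
    # SSH_ASKPASS_REQUIRE=force (OpenSSH 8.4+) selects the helper even with a
    # terminal attached. Older versions use it when DISPLAY is set and stdin
    # is not a terminal, hence the DISPLAY default and the /dev/null redirect.
    KEY_PASSFILE=$passfile SSH_ASKPASS=$helper SSH_ASKPASS_REQUIRE=force \
        DISPLAY=${DISPLAY:-:0} ssh-add "$key" < /dev/null
    rc=$?
    rm -rf "$(dirname "$helper")"         # runs whether or not ssh-add succeeded
    return "$rc"
}

# Usage, after eval "$(ssh-agent -s)" in the same shell:
#   ./add-key.sh /root/.ssh/id_rsa ~/.myscrt
if [ "$#" -eq 2 ]; then
    add_key "$1" "$2"
fi
```

Because the agent variables come from eval in the calling shell, ssh-add inherits SSH_AUTH_SOCK without any of it being passed on a command line.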