创建无密码辅助 ssh 密钥以设置 ssh 隧道
我需要创建一个自动设置 ssh 隧道的脚本。 我认为没有密码的专用 ssh 密钥是一个好的开始,但我找不到这是否可能以及如何做到。 该密钥应该具有有限的权限(仅设置隧道),但我自己需要另一个私钥(带有密码)。
谢谢 !
I need to create a script that automatically setup a ssh tunnel. I think that a dedicated ssh key without password is a good start but I couldn't find if this is possible and how to do it.
This key should have limited privileges (only set the tunnel up) but I need another private key (with a password) for myself.
Thanks !
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
好的,我找到了答案。
首先,
ssh-keygen -f theNewPrivateKey否则它将覆盖旧的私钥。其次,
ssh -i theNewPrivateKey me@mycomputer-i选项更改用于身份验证的私钥。现在我可以尝试我的脚本了。
编辑:我的新密钥如何具有有限的权限:
将公钥复制到目标计算机的 $HOME/.ssh/authorized_keys2 文件时,我添加了以下内容:
那么唯一允许的命令就是永远等待。
由于创建此密钥的目的是创建反向 ssh 隧道,这应该没问题。
然后我创建隧道:
最后我可以从我的家庭计算机登录:
我希望这不会有安全问题。 如果这是一件坏事,请告诉我!
Ok, I've found the answer.
First,
ssh-keygen -f theNewPrivateKeyotherwise it will overwrite the old private key.Second,
ssh -i theNewPrivateKey me@mycomputerthe-ioption changes the private key used for the authentication.Now I can try my script.
Edit: how does my new key has limited privileges:
When copying the public key to $HOME/.ssh/authorized_keys2 file of the target computer, I added this:
Then the only command allowed is to wait forever.
Since the purpose of creating this key was to create a reverse ssh tunnel this should be fine.
I then create the tunnel:
Finally I can log from my home computer:
I hope that this does not have security issues. If this is a bad thing, please let me know !
尝试
使用 ssh-keygen
命令。
Try the
ssh-keygencommand.
我遇到过类似的情况,我必须自动同步服务器内容,而不必在 robocopy 脚本中提供密码。
这个链接帮助了我。
I had a similar situation where i had to synch a server content automatically without having to proivide the password in my robocopy script.
This Link helped me.