Ruby net-ssh:如何使用网关通过 pubkey 进行身份验证
我正在尝试在我工作的几台机器上运行一个脚本,以收集有关它们的一些信息,例如它们正在运行哪个操作系统、它们上运行哪些服务、一些配置等。我有一台可以登录的机器在 ssh-ing 到任何其他机器之前,因为它具有公钥设置。从那里,我可以 ssh 进入所有其他机器,而无需询问我的密码。
我想要做的是自动从该计算机登录到所有这些计算机,但该脚本正在我的本地计算机上运行。所以我刚刚了解了 ruby-ssh-gateway 并正在尝试,但我似乎无法让 pubkey 身份验证工作。
我做了这样的事情:
gateway = Net::SSH::Gateway.new('gatewaymachine', 'username', :password => 'password')
all_machines.each do |machine|
gateway.ssh(machine, 'username') do |ssh|
uname = ssh.exec!('uname -a')
puts "machine: #{machine}; OS: #{uname}"
end
end
但我得到一个 Net::SSH::AuthenticationFailed 异常。
相反,如果我提供密码,如下所示:
gateway.ssh(machine, 'username', :password => 'password')
它确实有效,但这是不可行的,因为密码在机器之间并不相同。
有谁知道我怎样才能做到这一点?
谢谢。
I am trying to run a script in several machines I have at work, to gather some information about them, such as which OS they're running, what services run on them, some configurations, etc. I have a machine on which I log before ssh-ing to any of the other machines, because of the public key setup it has. From there, I can ssh into all of the other machines without being asked for my password.
What I want to do is to automate logging onto all of these machines from that one, but the script is running on my local machine. So I just learned about ruby-ssh-gateway and am trying that, but I can't seem to get pubkey authentication to work.
I do something like this:
gateway = Net::SSH::Gateway.new('gatewaymachine', 'username', :password => 'password')
all_machines.each do |machine|
gateway.ssh(machine, 'username') do |ssh|
uname = ssh.exec!('uname -a')
puts "machine: #{machine}; OS: #{uname}"
end
end
But I get a Net::SSH::AuthenticationFailed exception.
If, instead, I provide the password, like so:
gateway.ssh(machine, 'username', :password => 'password')
it does work, but that's not viable, since passwords are not the same across machines.
Does anyone know how I can make this work?
Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您正在通话的机器是否位于 NAT 防火墙后面?如果没有,则不需要 ruby-ssh-gateway。
您是否在源机器上为运行程序的用户创建了公钥,并将该密钥提供给每个目标机器上的目标用户?
并确保密钥正常工作:
完成此操作后,就像使用 system 或反引号来 shell 到 ssh 一样简单:
Are the machines you are talking to behind a NAT firewall? If not, you don't need ruby-ssh-gateway.
Have you created a public key on the origin box, for the user which runs the program, and given that key to the target user on each target box?
and to make sure the key is working:
Once you've done that, it's as simple as using system or backtick to shell out to ssh: