当前位置：文江博客话题详情

检查是否设置了无密码访问

发布于 2024-09-25 05:41:24 字数 125 浏览 1 评论 0原文

我将通过 python 脚本测试是否已设置无密码 ssh 登录。如果我运行普通的 ssh 命令，那么它将等待一段时间接受密码。有没有办法让 ssh 命令在 ssh 要求输入密码时立即返回错误。

有可能实现这一目标吗？

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

人心善变 2024-10-02 05:41:24

ssh 命令接受相当大的选项集，因此假设您的 Python 代码正在调用 shell 命令，请执行以下操作：

ssh -oNumberOfPasswordPrompts=0 <host> "echo hello"

如果尚未设置密钥，这将立即失败，如果已设置，则立即完成，这就是原因命令被传递到主机。这为您提供了一个简单的测试。

The ssh command accepts quite a large set of options, so assuming that your Python code is calling shell commands do the following :

ssh -oNumberOfPasswordPrompts=0 <host> "echo hello"

This will instantly fail if the keys have not been setup, and instantly complete if they have, which is the reason for the command being passed to the host. This gives you a simple test.

回复收藏 0 原文

苦笑流年记忆 2024-10-02 05:41:24

如果您没有将密码传递给 SSHClient 的 .connect() 方法并且无法获取工作密钥，paramiko 将引发 AuthenticationException成立。

回复收藏 0 原文

作业与我同在 2024-10-02 05:41:24

您可以为 ssh 命令设置一个参数，以便在身份验证过程中仅尝试公钥，并设置批处理模式，该命令在远程主机中执行该命令时始终返回 true。通过这种方法，您可以捕获 var $? 中的退出代码。并做一些决定。

ssh -o PreferredAuthentications=publickey -o BatchMode=yes <host> /bin/true &> /dev/null
if [ $? -eq 0 ]; then
    #DO SOMETHING, THE CONNECTION WAS SUCCESSFUL
else
    #CONECTION DENIED
fi

您可以通过在 ssh 命令的详细输出中查找“权限被拒绝”来捕获自定义输出到变量，如以下代码所示。

PERMISION=$([ ! -z "$(ssh -v -o PreferredAuthentications=publickey -o BatchMode=yes <host> /bin/true 2>&1 | grep " Permission denied")" ] && echo "GRANTED" || echo "DENIED")
if [ $PERMISION == "GRANTED" ]; then
    #DO SOMETHING, THE CONNECTION WAS SUCCESSFUL
else
    #CONECTION DENIED
fi

我希望这对您有用。

You can set a parameter to ssh command to only try the public key in the authentication process and set a batch mode with a command that always return true when the command is executed in the remote host. With that approach you can capture the exit code in the var $? and do some decision.

ssh -o PreferredAuthentications=publickey -o BatchMode=yes <host> /bin/true &> /dev/null
if [ $? -eq 0 ]; then
    #DO SOMETHING, THE CONNECTION WAS SUCCESSFUL
else
    #CONECTION DENIED
fi

You can capture custom output to a variable by finding the "Permission denied" in the verbose output of the ssh command as is in the following code.

PERMISION=$([ ! -z "$(ssh -v -o PreferredAuthentications=publickey -o BatchMode=yes <host> /bin/true 2>&1 | grep " Permission denied")" ] && echo "GRANTED" || echo "DENIED")
if [ $PERMISION == "GRANTED" ]; then
    #DO SOMETHING, THE CONNECTION WAS SUCCESSFUL
else
    #CONECTION DENIED
fi

I hope this find you useful .

回复收藏 0 原文

零度° 2024-10-02 05:41:24

您可以使用PasswordAuthentication选项

密码验证
指定是否允许密码验证。默认值为“是”。 https://linux.die.net/man/5/sshd_config

Python 代码

import subprocess
completed_process = subprocess.run(
    """ ssh -o PasswordAuthentication=no user@localhost 'hostname' """,
    shell=True
)
assert completed_process.returncode == 0

You may use the PasswordAuthentication option

PasswordAuthentication
Specifies whether password authentication is allowed. The default is ''yes''. https://linux.die.net/man/5/sshd_config

Python code

import subprocess
completed_process = subprocess.run(
    """ ssh -o PasswordAuthentication=no user@localhost 'hostname' """,
    shell=True
)
assert completed_process.returncode == 0

回复收藏 0 原文

~没有更多了~