当前位置: 文江博客话题详情

在 Bash 脚本中使用 Expect 为 SSH 命令提供密码

发布于 2024-10-13 12:08:36 字数 668 浏览 9 评论 0原文

我尝试在 Bash 脚本中使用 expect 来提供 SSH 密码。提供密码是可行的,但我并没有像我应该的那样进入 SSH 会话。它又回到了 Bash。

我的脚本:

#!/bin/bash

read -s PWD

/usr/bin/expect <<EOD
spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com'
expect "password"
send "$PWD\n"
EOD
echo "you're out"

我的脚本的输出:

spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com
usr@$myhost.example.com's password: you're out

我想要进行 SSH 会话,并且只有当我退出它时,才返回到我的 Bash 脚本。

我之所以在 expect 之前使用 Bash 是因为我必须使用菜单。我可以选择连接到哪个单元/设备。

对于那些想回复我应该使用 SSH 密钥的人,请弃权。

原文

I'm trying to use expect in a Bash script to provide the SSH password. Providing the password works, but I don't end up in the SSH session as I should. It goes back strait to Bash.

My script:

#!/bin/bash

read -s PWD

/usr/bin/expect <<EOD
spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com'
expect "password"
send "$PWD\n"
EOD
echo "you're out"

The output of my script:

spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com
usr@$myhost.example.com's password: you're out

I would like to have my SSH session and, only when I exit it, to go back to my Bash script.

The reason why I am using Bash before expect is because I have to use a menu. I can choose which unit/device to connect to.

To those who want to reply that I should use SSH keys, please abstain.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(9

小耗子 2024-10-20 12:08:36

混合使用 Bash 和 Expect 并不是达到预期效果的好方法。我尝试仅使用 Expect:

#!/usr/bin/expect
eval spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com

# Use the correct prompt
set prompt ":|#|\\\$"
interact -o -nobuffer -re $prompt return
send "my_password\r"
interact -o -nobuffer -re $prompt return
send "my_command1\r"
interact -o -nobuffer -re $prompt return
send "my_command2\r"
interact

bash 的示例解决方案可能是:

#!/bin/bash
/usr/bin/expect -c 'expect "\n" { eval spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com; interact }'

这将等待 Enter,然后返回(暂时)交互式会话。

Mixing Bash and Expect is not a good way to achieve the desired effect. I'd try to use only Expect:

#!/usr/bin/expect
eval spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com

# Use the correct prompt
set prompt ":|#|\\\
quot;
interact -o -nobuffer -re $prompt return
send "my_password\r"
interact -o -nobuffer -re $prompt return
send "my_command1\r"
interact -o -nobuffer -re $prompt return
send "my_command2\r"
interact

Sample solution for bash could be:
#!/bin/bash
/usr/bin/expect -c 'expect "\n" { eval spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com; interact }'

This will wait for Enter and then return to (for a moment) the interactive session.
 回复 原文 
疯到世界奔溃 2024-10-20 12:08:36
最简单的方法是使用sshpass。这在 Ubuntu/Debian 存储库,您不必处理将 Expect 与 Bash 集成的问题。
示例:
sshpass -p<password> ssh <arguments>
sshpass -ptest1324 ssh [email protected] ls -l /tmp

上面的命令可以轻松地与 Bash 脚本集成。
注意:请阅读 man sshpass 中的安全注意事项部分,以全面了解安全影响。
The easiest way is to use sshpass. This is available in Ubuntu/Debian repositories and you don't have to deal with integrating expect with Bash.
An example:
sshpass -p<password> ssh <arguments>
sshpass -ptest1324 ssh [email protected] ls -l /tmp

The above command can be easily integrated with a Bash script.
Note: Please read the Security Considerations section in man sshpass for a full understanding of the security implications.
 回复 原文 
风为裳 2024-10-20 12:08:36
在 EOD 之前添加“interact”Expect 命令:
#!/bin/bash

read -s PWD

/usr/bin/expect <<EOD
spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com
expect "password"
send -- "$PWD\r"
interact
EOD
echo "you're out"

这应该允许您与远程计算机交互,直到您注销。然后您将返回 Bash。
Add the 'interact' Expect command just before your EOD:
#!/bin/bash

read -s PWD

/usr/bin/expect <<EOD
spawn ssh -oStrictHostKeyChecking=no -oCheckHostIP=no usr@$myhost.example.com
expect "password"
send -- "$PWD\r"
interact
EOD
echo "you're out"

This should let you interact with the remote machine until you log out. Then you'll be back in Bash.
 回复 原文 
不回头走下去 2024-10-20 12:08:36
在寻找这个问题的答案几个月后,我终于找到了一个真正最好的解决方案:编写一个简单的脚本。
#!/usr/bin/expect

set timeout 20

set cmd [lrange $argv 1 end]
set password [lindex $argv 0]

eval spawn $cmd
expect "assword:"   # matches both 'Password' and 'password'
send -- "$password\r"; # -- for passwords starting with -, see https://stackoverflow.com/a/21280372/4575793
interact

将其放入 /usr/bin/exp 中,然后您可以使用:
  • exp; ssh <任何东西>
  • exp <密码> scp;
完成!
After looking for an answer for the question for months, I finally find a really best solution: writing a simple script.
#!/usr/bin/expect

set timeout 20

set cmd [lrange $argv 1 end]
set password [lindex $argv 0]

eval spawn $cmd
expect "assword:"   # matches both 'Password' and 'password'
send -- "$password\r"; # -- for passwords starting with -, see https://stackoverflow.com/a/21280372/4575793
interact

Put it to /usr/bin/exp, then you can use:
  • exp <password> ssh <anything>
  • exp <password> scp <anysrc> <anydst>
Done!
 回复 原文 
八巷 2024-10-20 12:08:36
一个简单的 Expect 脚本:
文件 Remotelogin.exp
    #!/usr/bin/expect
    set user [lindex $argv 1]
    set ip [lindex $argv 0]
    set password [lindex $argv 2]
    spawn ssh $user@$ip
    expect "password"
    send "$password\r"
    interact

示例:
./Remotelogin.exp <ip> <user name> <password>

A simple Expect script:
File Remotelogin.exp
    #!/usr/bin/expect
    set user [lindex $argv 1]
    set ip [lindex $argv 0]
    set password [lindex $argv 2]
    spawn ssh $user@$ip
    expect "password"
    send "$password\r"
    interact

Example:
./Remotelogin.exp <ip> <user name> <password>

 回复 原文 
蓝眸 2024-10-20 12:08:36
还要确保使用
send -- "$PWD\r"

相反的方式,否则以破折号 (-) 开头的密码将会失败。
上面不会将以破折号开头的字符串解释为发送命令的选项。
Also make sure to use
send -- "$PWD\r"

instead, as passwords starting with a dash (-) will fail otherwise.
The above won't interpret a string starting with a dash as an option to the send command.
 回复 原文 
怎言笑 2024-10-20 12:08:36
使用帮助工具 fd0ssh (来自 hxtools,ubuntu 源openSUSE 源,不是 pmt)。它的工作不需要 ssh 程序的特定提示。
它还“比像 sshpass 那样在命令行上传递密码安全得多”(- Charles Duffy 的评论)。
Use the helper tool fd0ssh (from hxtools, source for ubuntu, source for openSUSE, not pmt). It works without having to expect a particular prompt from the ssh program.
It is also "much safer than passing the password on the command line as sshpass does" ( - comment by Charles Duffy).
 回复 原文 
从来不烧饼 2024-10-20 12:08:36
我发现从 Bash 脚本使用小型 Expect 脚本很有用的另一种方法如下。
...
Bash script start
Bash commands
...
expect - <<EOF
spawn your-command-here
expect "some-pattern"
send "some-command"
...
...
EOF
...
More Bash commands
...

这是有效的,因为 ...如果提供字符串“-”作为文件名,则会读取标准输入...
Another way that I found useful to use a small Expect script from a Bash script is as follows.
...
Bash script start
Bash commands
...
expect - <<EOF
spawn your-command-here
expect "some-pattern"
send "some-command"
...
...
EOF
...
More Bash commands
...

This works because ...If the string "-" is supplied as a filename, standard input is read instead...
 回复 原文 
不打扰别人 2024-10-20 12:08:36
如果您尝试在 Sublime Text 中使用 sshpass ,它就会被破坏构建目标,在 Makefile 中。 您可以使用 passh,而不是 sshpass
使用sshpass,您将执行以下操作:
sshpass -p pa$word ssh user@host

使用passh,您将执行以下操作:
passh -p pa$word ssh user@host

注意:不要忘记使用-o StrictHostKeyChecking=no。否则,连接将在您第一次使用时挂起。例如:
passh -p pa$word ssh -o StrictHostKeyChecking=no user@host

参考文献:
  1. 在 SSH 连接中使用 Expect 脚本无法发送密码命令
  2. 如何在 ssh 中禁用严格的主机密钥检查?
  3. 如何禁用 SSH 主机密钥检查
  4. 不带known_hosts检查的scp
  5. pam_mount 和带密码身份验证的 sshfs
sshpass is broken if you try to use it inside a Sublime Text build target, inside a Makefile. Instead of sshpass, you can use passh
With sshpass you would do:
sshpass -p pa$word ssh user@host

With passh you would do:
passh -p pa$word ssh user@host

Note: Do not forget to use -o StrictHostKeyChecking=no. Otherwise, the connection will hang on the first time you use it. For example:
passh -p pa$word ssh -o StrictHostKeyChecking=no user@host

References:
  1. Send command for password doesn't work using Expect script in SSH connection
  2. How can I disable strict host key checking in ssh?
  3. How to disable SSH host key checking
  4. scp without known_hosts check
  5. pam_mount and sshfs with password authentication
 回复 原文 
~没有更多了~
关于作者
 荒芜了季节
暂无简介
0 文章
0 评论
24 人气
 发私信
相关话题
更多 
热门标签
操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多 
推荐作者
離殇
文章 0 评论 0
小姐丶请自重
文章 0 评论 0
Aik
文章 0 评论 0
国产ˉ祖宗
文章 0 评论 0
猥琐帝
文章 0 评论 0
半仙
文章 0 评论 0
更多 
友情链接
文江博客
       
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
     
    原文