获取shell脚本输入密码
我是 shellscripting 的新手(并且不太熟悉 Linux 世界),并且正在尝试让 shellscript 使用我的给定自动登录到 sftp 服务器。现在这就是我已经走了多远
#!/bin/bash
HOST='somehost.com'
USER='someusername'
PASSWD='somepass'
sftp $USER@$HOST
现在这就是我遇到麻烦的地方。此时,系统将提示我输入密码。那么如何让脚本在提示输入密码时自动回复密码呢?我还尝试找到一种使用 sftp 命令传递密码的方法,但没有成功。谁能帮我解决这个问题吗?
I'm new to shellscripting (and not well traveled in the world of Linux) and are trying to get a shellscript to automaticly log into an sftp server with my given. Now this is how far I've gotten
#!/bin/bash
HOST='somehost.com'
USER='someusername'
PASSWD='somepass'
sftp $USER@$HOST
Now this is where I run into trouble. At this point I will be prompted for a password. So how do I get the script to automaticly reply with the password when prompted for it? I also tried finding a way to pass along the password with the sftp command, but with no luck. Can anyone help me figure this out?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
使用此代码:
Use this code:
在命令行或此类脚本中包含密码并不是一个好主意。任何有权访问正在运行的进程列表的人都可以看到您的密码,它最终可能会出现在您的 shell 历史记录和日志文件中。所以这会造成安全漏洞。
有更多信息 此线程,其中建议基于密钥的身份验证而不是您提出的方法。
It's not a good idea to include the password in a command line or such a script. Anyone who has access to the list of running processes could see your password, it could end up in your shell history and log files. So this would create a security hole.
There is more info in this thread where key based authentication is recommended over your proposed method.
不要将密码存储在脚本文件中,除非您对保持绝对严格的权限有强迫症。
对于 ssh/sftp/scp 的所有内容,请使用公钥身份验证。了解您可以在客户端和服务器端设置的设置,以使其更加安全(ip 限制、用户限制、密码限制、重试次数、同时登录次数等)仅此一项就应该消除由于许多不安全因素脚本问题。
如果您绝对必须将密码存储在变量中,请不要导出它,并在使用完它后立即取消设置。
Do not store passwords in script files, unless you are compulsive obsessive about keeping your permissions absolutely tight.
For all things ssh/sftp/scp, use public key authentication. Learn about the settings you can set on both the client and the server ends to make it more secure (ip restrictions, user restrictions, cipher restrictions, number of retries, number of simultaneous logins, etc) That alone should eliminate a lot of insecurity due to scripting issues.
If you absolutely must store a password in a variable, do not export it, and unset it the moment you get done using it.
在本地主机(将执行脚本的地方)生成 ssh 密钥对:
scriptuser@scripthost:/~$ ssh-keygen -t rsa
生成公钥/私钥 rsa 密钥对。
输入要保存密钥的文件 (/home/michal/.ssh/id_rsa):{按 ENTER!}
(...)
将生成的公钥从 scripthost 复制到 somehost.com 并将其附加到经过身份验证的主机列表中:
scriptuser@scripthost:/~$ cat ~/.ssh/id_rsa.pub | ssh [电子邮件受保护] 'cat >> .ssh/authorized_keys'
现在您应该能够在没有密码的情况下使用 scp 或 sftp:
scriptuser@scripthost:/~$ scp /any/local/file [电子邮件受保护]:/remote/location/
on local host (where the script will be executed) generate ssh key pair:
scriptuser@scripthost:/~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/michal/.ssh/id_rsa): {press ENTER!}
(...)
copy generated public key from scripthost to the somehost.com and append it to the list of authenticated hosts:
scriptuser@scripthost:/~$ cat ~/.ssh/id_rsa.pub | ssh [email protected] 'cat >> .ssh/authorized_keys'
now you should be able to use scp or sftp without password:
scriptuser@scripthost:/~$ scp /any/local/file [email protected]:/remote/location/
使用 sshpass 命令。
您可以随命令一起提供密码
use sshpass command.
you can give password along with command