通过SSH运行shell时如何自动输入?
在我的 shell 脚本中,我正在运行一个要求我输入的命令。
如何自动为命令提供所需的输入?
例如:
$cat test.sh
ssh-copy-id [email protected]
运行test.sh时:
首先,它会询问:
您确定要继续连接吗(是/否)?然后,它会要求我输入密码:
[电子邮件受保护]的密码:
有没有办法输入这是自动的吗?
In my shell script I am running a command which is asking me for input.
How can I give the command the input it needs automatically?
For example:
$cat test.sh
ssh-copy-id [email protected]
When running test.sh:
First, it will ask:
Are you sure you want to continue connecting (yes/no)?Then, it will ask me to input the password:
[email protected]'s password:
Is there a way to input this automatically?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
对于简单的输入,例如两个提示和两个相应的固定响应,您还可以使用“此处文档”,其语法如下所示:
<<为模式添加前缀,在本例中为“!”。以该模式开头的行之前的所有内容都被解释为标准输入。这种方法类似于将多行 echo 通过管道传输到 ssh 的建议,不同之处在于它保存了 echo 命令的 fork/exec 并且我发现它更具可读性。另一个优点是它使用内置的 shell 功能,因此它不依赖于预期。
For simple input, like two prompts and two corresponding fixed responses, you could also use a "here document", the syntax of which looks like this:
The << prefixes a pattern, in this case '!'. Everything up to a line beginning with that pattern is interpreted as standard input. This approach is similar to the suggestion to pipe a multi-line echo into ssh, except that it saves the fork/exec of the echo command and I find it a bit more readable. The other advantage is that it uses built-in shell functionality so it doesn't depend on expect.
对于一般的命令行自动化,Expect 是经典工具。或者,如果您更熟悉 Python,请尝试 pexpect。
这是一个建议使用 Expect 的类似问题: 使用期望在 bash 脚本中为 SSH 命令提供密码
For general command-line automation, Expect is the classic tool. Or try pexpect if you're more comfortable with Python.
Here's a similar question that suggests using Expect: Use expect in bash script to provide password to SSH command
肯定有......使用spawn、expect和send命令:
Stack Overflow上有更多示例,请参阅:
bash 脚本中的 Expect 帮助
您可能需要安装这些命令首先,取决于您的系统。
There definitely is... Use the spawn, expect, and send commands:
There are more examples all over Stack Overflow, see:
Help with Expect within a bash script
You may need to install these commands first, depending on your system.
您还可以将答案通过管道传输到脚本:
其中
\n是转义序列Also you can pipe the answers to the script:
where
\nis escape-sequencessh-key with passphrase, with keychain
keychain 是一个小实用程序,它代表您管理 ssh-agent,并允许 ssh-agent 在登录会话结束时保持运行。在后续登录时,钥匙串将连接到现有的 ssh-agent 实例。实际上,这意味着仅在重新启动后首次登录时才必须输入密码。在后续登录中,将使用现有 ssh-agent 实例中的未加密密钥。这对于允许在 cron 作业中进行无密码 RSA/DSA 身份验证而无需无密码 ssh 密钥也很有用。
要启用钥匙串,请安装它并向 ~/.bash_profile 添加类似以下内容:
eval
keychain --agents ssh --eval id_rsa从安全角度来看,ssh-ident 和 keychain 比 ssh-agent 实例更糟糕,仅限于特定会话的生命周期,但它们提供了很高的便利性。为了提高钥匙串的安全性,有些人在 ~/.bash_profile 钥匙串调用中添加 --clear 选项。通过执行此操作,必须在登录时重新输入密码(如上所述),但 cron 作业在用户注销后仍然可以访问未加密的密钥。钥匙串 wiki 页面有更多信息和示例。
从以下位置获取此信息;
https://unix.stackexchange.com/ questions/90853/how-can-i-run-ssh-add-automatically-without-password-prompt
希望这有帮助
我个人能够在终端启动时自动输入我的密码this:(当然,您可以修改脚本并使其适合您的需要)
编辑 bashrc 文件以添加此脚本;
检查 SSH 代理是否处于唤醒状态
if [ -z "$SSH_AUTH_SOCK" ] ;然后
执行 ssh-agent bash -c "ssh-add ; $0"
echo "SSH代理被唤醒"
出口
菲
上面的行将在终端启动时启动expect脚本。
./ssh.exp
这是这个 Expect 脚本的内容
这是我的 keyadding.sh 脚本的内容(您必须将这两个脚本放在您的主文件夹中,通常是 /home/user)
我强烈建议对密码进行加密.exp 脚本以及出于安全目的将此 .exp 文件重命名为 term_boot.exp 或其他任何名称。 不要忘记使用 nano 或 vim 直接从终端创建文件(例如:
nano ~/.bashrc | nano term_boot.exp)以及一个chmod +x script.sh以使其可执行。chmod +r term_boot.exp也很有用,但您必须在 bashrc 文件中的 ./ssh.exp 之前添加 sudo 。因此,每次启动终端时,您都必须输入 sudo 密码。对我来说,它比密码更方便,因为我记得我的管理员(sudo)密码。另外,我认为还有另一种方法;
https://www.cyberciti.biz/faq/noninteractive -shell-script-ssh-password-provider/
当我有时间时,肯定会改变我的方法。
ssh-key with passphrase, with keychain
keychain is a small utility which manages ssh-agent on your behalf and allows the ssh-agent to remain running when the login session ends. On subsequent logins, keychain will connect to the existing ssh-agent instance. In practice, this means that the passphrase must be be entered only during the first login after a reboot. On subsequent logins, the unencrypted key from the existing ssh-agent instance is used. This can also be useful for allowing passwordless RSA/DSA authentication in cron jobs without passwordless ssh-keys.
To enable keychain, install it and add something like the following to ~/.bash_profile:
eval
keychain --agents ssh --eval id_rsaFrom a security point of view, ssh-ident and keychain are worse than ssh-agent instances limited to the lifetime of a particular session, but they offer a high level of convenience. To improve the security of keychain, some people add the --clear option to their ~/.bash_profile keychain invocation. By doing this passphrases must be re-entered on login as above, but cron jobs will still have access to the unencrypted keys after the user logs out. The keychain wiki page has more information and examples.
Got this info from;
https://unix.stackexchange.com/questions/90853/how-can-i-run-ssh-add-automatically-without-password-prompt
Hope this helps
I have personally been able to automatically enter my passphrase upon terminal launch by doing this: (you can, of course, modify the script and fit it to your needs)
edit the bashrc file to add this script;
Check if the SSH agent is awake
if [ -z "$SSH_AUTH_SOCK" ] ; then
exec ssh-agent bash -c "ssh-add ; $0"
echo "The SSH agent was awakened"
exit
fi
Above line will start the expect script upon terminal launch.
./ssh.exp
here's the content of this expect script
Here's the content of my keyadding.sh script (you must put both scripts in your home folder, usually /home/user)
I would HIGHLY suggest encrypting the password on the .exp script as well as renaming this .exp file to something like term_boot.exp or whatever else for security purposes. Don't forget to create the files directly from the terminal using nano or vim (ex:
nano ~/.bashrc | nano term_boot.exp) and also achmod +x script.shto make it executable. Achmod +r term_boot.expwould be also useful but you'll have to add sudo before ./ssh.exp in your bashrc file. So you'll have to enter your sudo password each time you launch your terminal. For me, it's more convenient than the passphrase cause I remember my admin (sudo) password by the hearth.Also, here's another way to do it I think;
https://www.cyberciti.biz/faq/noninteractive-shell-script-ssh-password-provider/
Will certainly change my method for this one when I'll have the time.
您可以按如下方式编写expect脚本:
并运行它:
You can write the expect script as follow:
And run it as:
如果是 sudo 密码 - 最简单的:
将
If it is for sudo password - simplest of all:
transform
<your-command>into this: