用共享的秘密在窗户上的Rust中创建一个独立的过程
我有一台服务器在开始侦听时生成用于加密和身份验证的秘密键。它通过Stdout共享此键,希望服务器启动使用SSH,因此您可以捕获键并从远程计算机中使用它。
# Will bind to some open port, generate a key, and share it over stdout
distant server listen
# Prints out {port} {key}
# e.g. 1234 abcdef123456789
这是灵感来自 mosh ,该过程遵循SSH的类似过程,将其带入远程计算机(带出远程计算机)(卵)(带出来)叉子本身可以从SSH会话分离),然后打印一条特定的行mosh connect {port} {key}如下
$ mosh-server
MOSH CONNECT 60001 iurF5lS6EVGE/ebYS4j6dQ
mosh-server (mosh 1.3.2) [build mosh-1.3.2]
Copyright 2012 Keith Winstein <[email protected]>
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
[mosh-server detached, pid = 16165]
: 我可以在UNIX上进行
基于UNIX的系统的过程,我可以使用叉状逻辑,例如 fork Crate 与sshd终止的父壳或关联的外壳终止时不会终止的新过程。叉子让我可以在将打印到控制台和守护程序的过程之间共享生成的键。
如何在Windows上弄清楚该过程?
在Windows上,我正在努力找出一种与创建的子过程共享生成的键的方法,或者将生成的键从子过程传达回原始控制台。我已经使用了 creation flags <代码> create_new_process_group 和dictached_process在子过程中产生一个子进程当壳退出时不会终止的背景,但是现在子进程无法通过stdin(接收密钥)或Stdout(报告密钥)进行通信。
更新:即使上述分离的过程和新的进程组,似乎在关闭SSH会话后,从连接到Windows上运行的OpenSSH服务器的外壳创建此过程。除了Windows服务外,还有什么方法可以创建一个背景过程,该过程将在SSH会话期间创建?
Windows代码
use std::{
os::windows::process::CommandExt,
process::{Command, Stdio},
};
const DETACHED_PROCESS: u32 = 0x00000008;
const CREATE_NEW_PROCESS_GROUP: u32 = 0x00000200;
const CREATE_NO_WINDOW: u32 = 0x08000000;
// Spawn a child process that is not attached to this console or parent so it can keep
// running even after the parent process and even the associated shell have exited
//
// Inheriting stdin/stdout/stderr does nothing when we use DETACHED_PROCESS. Is there
// a secure way to communicate with the child to either feed it a key or receive a key
// from it?
//
// Does CREATE_NEW_PROCESS_GROUP successfully daemonize without DETACHED_PROCESS? If so,
// can I use it to stay connected to the existing console?
let child = Command::new(program)
.creation_flags(DETACHED_PROCESS | CREATE_NEW_PROCESS_GROUP | CREATE_NO_WINDOW)
.args(args)
.stdin(Stdio::inherit())
.stdout(Stdio::inherit())
.stderr(Stdio::inherit())
.spawn()?;
I've got a server that generates a secret key used for encryption and authentication when it begins listening. It shares this key over stdout with the expectation that the server is started using SSH so you can capture the key and use it from a remote machine.
# Will bind to some open port, generate a key, and share it over stdout
distant server listen
# Prints out {port} {key}
# e.g. 1234 abcdef123456789
This was inspired by mosh, which follows a similar process by ssh'ing into a remote machine, spawning a mosh server (which forks itself to detach from the ssh session), and printing out a specific line MOSH CONNECT {port} {key} like below:
$ mosh-server
MOSH CONNECT 60001 iurF5lS6EVGE/ebYS4j6dQ
mosh-server (mosh 1.3.2) [build mosh-1.3.2]
Copyright 2012 Keith Winstein <[email protected]>
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
[mosh-server detached, pid = 16165]
Daemonizing the process on Unix
On Unix-based systems, I can use forking logic such as with the fork crate to create a new process that won't terminate when the parent or associated shell tied to sshd terminates. The fork lets me share the generated key between the process that will print to the console and the daemonized process.
How to daemonize the process on Windows?
On Windows, I'm struggling to figure out a way to either share a generated key with a created child process or communicate a generated key from the child process back to the original console. I've used the creation flags CREATE_NEW_PROCESS_GROUP and DETACHED_PROCESS to spawn a child process in the background that won't terminate when the shell exits, but now the child process cannot communicate over stdin (to receive a key) or stdout (to report a key).
Update: even with the above detached process and new process group, it seems like creating this process from a shell connected to an OpenSSH server running on Windows still does not survive once the ssh session has been closed. Other than a Windows service, is there any way to create a background process that will survive being created during an ssh session?
Windows code
use std::{
os::windows::process::CommandExt,
process::{Command, Stdio},
};
const DETACHED_PROCESS: u32 = 0x00000008;
const CREATE_NEW_PROCESS_GROUP: u32 = 0x00000200;
const CREATE_NO_WINDOW: u32 = 0x08000000;
// Spawn a child process that is not attached to this console or parent so it can keep
// running even after the parent process and even the associated shell have exited
//
// Inheriting stdin/stdout/stderr does nothing when we use DETACHED_PROCESS. Is there
// a secure way to communicate with the child to either feed it a key or receive a key
// from it?
//
// Does CREATE_NEW_PROCESS_GROUP successfully daemonize without DETACHED_PROCESS? If so,
// can I use it to stay connected to the existing console?
let child = Command::new(program)
.creation_flags(DETACHED_PROCESS | CREATE_NEW_PROCESS_GROUP | CREATE_NO_WINDOW)
.args(args)
.stdin(Stdio::inherit())
.stdout(Stdio::inherit())
.stderr(Stdio::inherit())
.spawn()?;
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论