sshpass: Ohun elo ti o dara julọ fun Wiwọle Wiwọle SSH ti kii ṣe ibaraenisọrọ - Maṣe Lo lori Server Production
Ni ọpọlọpọ awọn ọran, awọn alakoso eto Lainos buwolu wọle si awọn olupin Linux latọna jijin nipa lilo SSH boya nipa fifun ọrọ igbaniwọle kan, tabi wiwọle iwọle SSH ti ko ni ọrọigbaniwọle, tabi ijẹrisi SSH ti o ni orisun bọtini.
Kini ti o ba fẹ lati pese ọrọ igbaniwọle kan pẹlu orukọ olumulo si tọ SSH funrararẹ? eyi ni ibi ti sshpass wa si igbala.
sshpass jẹ ohun elo laini aṣẹ aṣẹ ti o rọrun ati iwuwo fẹẹrẹ ti o fun wa laaye lati pese ọrọ igbaniwọle (ijẹrisi ọrọigbaniwọle ti kii ṣe ibanisọrọ) si aṣẹ tọ funrararẹ, ki awọn iwe ikarahun adaṣe adaṣe le ṣee ṣe lati mu awọn afẹyinti nipasẹ oluṣeto cron.
ssh nlo iraye si TTY taara lati rii daju pe o ti pese ọrọ igbaniwọle gangan nipasẹ olumulo patako itẹwe ibanisọrọ kan. Sshpass gbalaye ssh ninu tty ti o ni iyasọtọ, ṣi i ni gbigbagbọ pe o ngba ọrọ igbaniwọle lati olumulo ibanisọrọ kan.
Pataki: Lilo sshpass ka lati ni aabo ti o kere julọ, bi o ṣe ṣafihan ọrọ igbaniwọle si gbogbo awọn olumulo eto lori laini aṣẹ pẹlu aṣẹ “ps” ti o rọrun. Mo ṣeduro ni gíga nipa lilo ijẹrisi aini-ọrọ SSH.
Fi sshpass sori Awọn ọna Linux
Ninu awọn eto ipilẹ RedHat/CentOS, akọkọ o nilo lati yum aṣẹ bi o ti han.
# yum install sshpass # dnf install sshpass [On Fedora 22+ versions]
Lori Debian/Ubuntu ati awọn itọsẹ rẹ, o le fi sii nipa lilo aṣẹ-gba aṣẹ bi o ti han.
$ sudo apt-get install sshpass
Ni omiiran, o le fi sori ẹrọ lati orisun lati ni ẹya tuntun ti sshpass, kọkọ gba koodu orisun ati lẹhinna yọ awọn akoonu ti faili oda kuro ki o fi sii bii:
$ wget http://sourceforge.net/projects/sshpass/files/latest/download -O sshpass.tar.gz $ tar -xvf sshpass.tar.gz $ cd sshpass-1.06 $ ./configure # sudo make install
Bii o ṣe le Lo sshpass ni Lainos
sshpass ti lo pọ pẹlu ssh, o le wo gbogbo awọn aṣayan lilo sshpass pẹlu awọn apejuwe ni kikun nipasẹ ipinfunni aṣẹ ni isalẹ:
$ sshpass -h
Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters -f filename Take password to use from file -d number Use number as file descriptor for getting password -p password Provide password as argument (security unwise) -e Password is passed as env-var "SSHPASS" With no parameters - password will be taken from stdin -h Show help (this screen) -V Print version information At most one of -f, -d, -p or -e should be used
Gẹgẹbi Mo ti sọ tẹlẹ, sshpass jẹ igbẹkẹle diẹ sii ati iwulo fun awọn idi afọwọkọ, ronu awọn aṣẹ apẹẹrẹ ni isalẹ.
Wọle si olupin Linux ssh latọna jijin (10.42.0.1) pẹlu orukọ olumulo ati ọrọ igbaniwọle ati ṣayẹwo lilo faili disiki-faili ti eto latọna jijin bi o ti han.
$ sshpass -p 'my_pass_here' ssh [email 'df -h'
Pataki: Nibi, a ti pese ọrọ igbaniwọle lori laini aṣẹ eyiti o jẹ aiṣe aabo lailewu ati lilo aṣayan yii ko ṣe iṣeduro.
Sibẹsibẹ, lati yago fun fifihan ọrọigbaniwọle loju iboju, o le lo asia -e ki o tẹ ọrọ igbaniwọle sii bi iye ti iyipada ayika SSHPASS bi isalẹ:
$ export SSHPASS='my_pass_here' $ echo $SSHPASS $ sshpass -e ssh [email 'df -h'
Akiyesi: Ninu apẹẹrẹ loke, oniyipada agbegbe ayika SSHPASS jẹ fun idi igba nikan ati pe yoo yọkuro lakoko atunbere.
Lati ṣeto oniyipada agbegbe SSHPASS patapata, ṣii faili profaili/ati be be/ki o tẹ gbólóhùn si okeere ni ibẹrẹ faili naa:
export SSHPASS='my_pass_here'
Fipamọ faili naa ki o jade, lẹhinna ṣiṣe aṣẹ ni isalẹ lati ṣe awọn ayipada:
$ source /etc/profile
Ni apa keji, o tun le lo asia -f ki o fi ọrọ igbaniwọle sinu faili kan. Ni ọna yii, o le ka ọrọ igbaniwọle lati faili bi atẹle:
$ sshpass -f password_filename ssh [email 'df -h'
O tun le lo sshpass si afẹyinti/muuṣiṣẹpọ awọn faili lori rsync nipa lilo SSH bi o ṣe han:
------- Transfer Files Using SCP ------- $ scp -r /var/www/html/example.com --rsh="sshpass -p 'my_pass_here' ssh -l aaronkilik" 10.42.0.1:/var/www/html ------- Backup or Sync Files Using Rsync ------- $ rsync --rsh="sshpass -p 'my_pass_here' ssh -l aaronkilik" 10.42.0.1:/data/backup/ /backup/
Fun lilo diẹ sii, Mo daba fun ọ lati ka nipasẹ oju-iwe eniyan sshpass, tẹ:
$ man sshpass
Ninu nkan yii, a ṣalaye sshpass ohun elo ti o rọrun ti o jẹ ki ijẹrisi ọrọigbaniwọle ti kii ṣe ibaraenisọrọ. Botilẹjẹpe, awọn irinṣẹ yii le ṣe iranlọwọ, o ni iṣeduro niyanju lati lo ẹrọ idanimọ bọtini gbangba ti aabo ssh diẹ sii.
Jọwọ, maṣe fi ibeere kan silẹ tabi sọ asọye nipasẹ apakan esi ni isalẹ fun eyikeyi awọn ijiroro siwaju.