我需要创建一个自动向OpenSSH ssh客户端输入密码的脚本。
假设我需要使用密码a1234b SSH到myname@somehost。
我已经试过了……
#~/bin/myssh.sh
ssh myname@somehost
a1234b
...但这并不奏效。
如何将此功能放入脚本中?
我需要创建一个自动向OpenSSH ssh客户端输入密码的脚本。
假设我需要使用密码a1234b SSH到myname@somehost。
我已经试过了……
#~/bin/myssh.sh
ssh myname@somehost
a1234b
...但这并不奏效。
如何将此功能放入脚本中?
当前回答
在脚本中使用脚本tossh,第一个参数是主机名,第二个参数是密码。
#!/usr/bin/expect
set pass [lindex $argv 1]
set host [lindex $argv 0]
spawn ssh -t root@$host echo Hello
expect "*assword: "
send "$pass\n";
interact"
其他回答
我想我没有看到任何人提出这个建议,而操作人员只是说“脚本”,所以……
我需要解决同样的问题,而我最舒服的语言是Python。
我用了paramiko图书馆。此外,我还需要使用sudo发布需要升级权限的命令。事实证明,sudo可以通过“-S”标志通过stdin接受其密码!见下文:
import paramiko
ssh_client = paramiko.SSHClient()
# To avoid an "unknown hosts" error. Solve this differently if you must...
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
# This mechanism uses a private key.
pkey = paramiko.RSAKey.from_private_key_file(PKEY_PATH)
# This mechanism uses a password.
# Get it from cli args or a file or hard code it, whatever works best for you
password = "password"
ssh_client.connect(hostname="my.host.name.com",
username="username",
# Uncomment one of the following...
# password=password
# pkey=pkey
)
# do something restricted
# If you don't need escalated permissions, omit everything before "mkdir"
command = "echo {} | sudo -S mkdir /var/log/test_dir 2>/dev/null".format(password)
# In order to inspect the exit code
# you need go under paramiko's hood a bit
# rather than just using "ssh_client.exec_command()"
chan = ssh_client.get_transport().open_session()
chan.exec_command(command)
exit_status = chan.recv_exit_status()
if exit_status != 0:
stderr = chan.recv_stderr(5000)
# Note that sudo's "-S" flag will send the password prompt to stderr
# so you will see that string here too, as well as the actual error.
# It was because of this behavior that we needed access to the exit code
# to assert success.
logger.error("Uh oh")
logger.error(stderr)
else:
logger.info("Successful!")
希望这能帮助到一些人。我的用例是在大约300台服务器上创建目录、发送和解压文件以及启动程序。因此,自动化至关重要。我试过sshpass, expect,然后想到了这个。
我得到了这个工作如下
.ssh/config被修改以消除是/否提示-我在防火墙后面,所以我不担心欺骗ssh密钥
host *
StrictHostKeyChecking no
为expect创建一个响应文件,即answer.expect
set timeout 20
set node [lindex $argv 0]
spawn ssh root@node service hadoop-hdfs-datanode restart
expect "*?assword {
send "password\r" <- your password here.
interact
创建bash脚本并在文件中调用expect
#!/bin/bash
i=1
while [$i -lt 129] # a few nodes here
expect answer.expect hadoopslave$i
i=[$i + 1]
sleep 5
done
获取128个用新配置刷新的hadoop datanode -假设您正在为hadoop/conf文件使用NFS挂载
希望这能帮助到一些人——我是一个Windows傻瓜,这花了我大约5个小时才弄明白!
# create a file that echo's out your password .. you may need to get crazy with escape chars or for extra credit put ASCII in your password...
echo "echo YerPasswordhere" > /tmp/1
chmod 777 /tmp/1
# sets some vars for ssh to play nice with something to do with GUI but here we are using it to pass creds.
export SSH_ASKPASS="/tmp/1"
export DISPLAY=YOURDOINGITWRONG
setsid ssh root@owned.com -p 22
参考:https://www.linkedin.com/pulse/youre-doing-wrong-ssh-plain-text-credentials-robert-mccurdy?trk=mp-reader-card
@abbotto的答案对我不起作用,不得不做一些不同的事情:
Yum install sshpass更改为- RPM -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/sshpass-1.05-1.el6.x86_64.rpm 使用sshpass的命令修改为- sshpass -p "pass" SSH user@mysite -p 2122
Sshpass + autossh
前面提到的sshpass的一个好处是,您可以将它与autossh一起使用,从而消除了更多交互效率低下的问题。
sshpass -p mypassword autossh -M0 -t myusername@myserver.mydomain.com
这将允许自动重新连接,如果你的wifi被打断,关闭你的笔记本电脑。
有一个跳转主机
sshpass -p `cat ~/.sshpass` autossh -M0 -Y -tt -J me@jumphost.mydomain.com:22223 -p 222 me@server.mydomain.com