bash ssh-keygen 接受标准输入
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2635360/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
ssh-keygen accepting stdin
提问by Ryan
I am trying to call ssh-keygenusing a variable through bashas an input instead of a file to get a fingerprint of a public key. I am aware that I could use a temp file to get around this issue, but for reasons out of scope of this question, I do not want to.
我正在尝试ssh-keygen使用变量bash作为输入而不是文件来调用以获取公钥的指纹。我知道我可以使用临时文件来解决这个问题,但由于超出了这个问题的范围,我不想这样做。
This method does notwork as it says the key file is invalid (it's correct for sure)
这种方法确实没有,因为它说,关键文件是无效的工作(这是正确的肯定)
echo $pubkey | ssh-keygen -lf /dev/stdin
This doeswork, but is not using a variable, rather a file.
这确实有效,但不是使用变量,而是使用文件。
ssh-keygen -lf alpha.pub
This doeswork, but is not using a variable, rather a redirected file.
这确实有效,但不是使用变量,而是重定向文件。
ssh-keygen -lf /dev/stdin < alpha.pub
This does notwork because I get an ambiguous redirect
这并没有工作,因为我得到一个模棱两可的重定向
ssh-keygen -lf /dev/stdin < $(echo $pubkey)
I would appreciate some insight as to how to get ssh-keygen to read from a variable with a public key and if possible, an explanation as to why the redirects aren't doing what I think they should be doing. In specific why the |behaves differently than the <and why the third example is an ambiguous redirect. I searched online but many of the redirect tutorials didn't seem to answer my questions.
我很感激有关如何让 ssh-keygen 使用公钥从变量中读取的一些见解,如果可能的话,解释一下为什么重定向没有做我认为他们应该做的事情。具体来说为什么 the 的|行为与the不同<以及为什么第三个示例是ambiguous redirect. 我在网上搜索,但许多重定向教程似乎没有回答我的问题。
采纳答案by Jürgen H?tzel
echo $pubkey | ssh-keygen -lf /dev/stdin
/dev/stdin is not a public key file.
/dev/stdin is actually a unix pipe, not a regular file, so ssh-keygen fails to open the file
/dev/stdin 实际上是unix管道,不是普通文件,所以ssh-keygen无法打开文件
ssh-keygen -lf /dev/stdin <<<$key
1024 92:6a:3f:5c:1f:78:.....
/dev/stdin refers to a regular file, created by using a bash heredoc. You can verify this:
/dev/stdin 指的是使用 bash heredoc 创建的常规文件。您可以验证这一点:
# ls -l /dev/stdin <<<$pubkey
lrwxrwxrwx 1 root root 15 Feb 11 08:07 /dev/stdin -> /proc/self/fd/0
# ls -l /proc/self/fd/0 <<<$pubkey
lr-x------ 1 juergen juergen 64 Apr 14 13:31 /proc/self/fd/0 -> /tmp/sh-thd-1271250023 (deleted)
回答by Jan Fabry
Since version 7.2 (released on on 2016-02-28), this is now possible by passing -as the file name. From the release notes:
自 7.2 版(于 2016 年 2 月 28 日发布)以来,现在可以通过-作为文件名传递。从发行说明:
- ssh-keygen(1): allow fingerprinting from standard input, e.g.
ssh-keygen -lf -
- ssh-keygen(1):允许从标准输入进行指纹识别,例如
ssh-keygen -lf -
回答by tylerl
If you want to redirect a string as stdin, use this syntax:
如果要将字符串重定向为 stdin,请使用以下语法:
cmd <<< "some $STR here"
If you want to redirect the output of a command as if it was a file, you do it like this:
如果要将命令的输出重定向为文件,请执行以下操作:
cmd <( /bin/somecmd )
And if you want to use a command as an OUTPUT file, it's more or less the same:
如果您想将命令用作 OUTPUT 文件,它或多或少是相同的:
cmd >( /bin/othercmd )
回答by htaccess
Here is a one liner using the file /dev/stdinas described in other answers.
这是使用/dev/stdin其他答案中描述的文件的单衬。
$ ssh-keygen -lf /dev/stdin <<< $( ssh-keygen -f ~/.ssh/keyname.pem -y )
2048 14:df:c7:b7:f1:26:7f:87:d5:e7:10:6c:ac:af:a2:03 /dev/stdin (RSA)
Note that this will break with private keys that use a passphrase. It will work with pem files generated by AWS or OpenStack which do not use passphrases.
请注意,这会破坏使用密码短语的私钥。它将与 AWS 或 OpenStack 生成的不使用密码短语的 pem 文件一起使用。
回答by The Monster
I would recommend using a temporary file. The issue is that redirecting, BASH expects a file. By using $(echo $pubkey), bash will complain because when it's done with the substitution, it will look for a file of that name that the substitution creates.
我建议使用临时文件。问题是重定向,BASH 需要一个文件。通过使用 $(echo $pubkey),bash 会抱怨,因为当它完成替换时,它会查找替换创建的具有该名称的文件。
