bash 将 SSH 中的私钥指定为字符串
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/12041688/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Specify private key in SSH as string
提问by rtacconi
I can connect to a server via SSH using the -i option to specify the private key:
我可以使用 -i 选项通过 SSH 连接到服务器以指定私钥:
ssh -i ~/.ssh/id_dsa user@hostname
I am creating a script that takes the id_dsatext from the database but I am not sure how I can give that string to SSH. I would need something like:
我正在创建一个id_dsa从数据库中获取文本的脚本,但我不确定如何将该字符串提供给 SSH。我需要类似的东西:
ssh --option $STRING user@hostname
Where $STRINGcontains the value of id_dsa. I need to know the --optionif there is one.
其中$STRING包含 的值id_dsa。我需要知道--option是否有。
采纳答案by Kimvais
There is no such switch - as it would leak sensitive information. If there were, anyonecould get your privatekey by doing a simple pscommand.
没有这样的开关 - 因为它会泄露敏感信息。如果有的话,任何人都可以通过执行一个简单的命令来获取您的私钥ps。
EDIT: (because of theg added details in comment)
编辑:(因为theg在评论中添加了详细信息)
You really should store the key in to a temporary file. Make sure you set the permissions correctly before writing to the file, if you do not use command like mktempto create the temporary file.
您确实应该将密钥存储到临时文件中。如果您不使用类似命令mktemp创建临时文件,请确保在写入文件之前正确设置权限。
Make sure you run the broker (or agent in case of OpenSSH) process and load the key using <whatever command you use to fetch it form the database> | ssh-add -
确保您运行代理(或在 OpenSSH 情况下的代理)进程并使用加载密钥 <whatever command you use to fetch it form the database> | ssh-add -
回答by user2132025
Try the following:
请尝试以下操作:
echo $KEY | ssh -i /dev/stdin username@host command
The key doesn't appear from a PS statement, but because stdin is redirected it's only useful for single commands or tunnels.
密钥不会出现在 PS 语句中,但由于 stdin 被重定向,因此它仅对单个命令或隧道有用。
回答by SAGAR BHOOSHAN
Passing cryptokey as a string is not advisable but for the sake of the question, I would say I came across the same situation where I need to pass key as a string in a script. I could use key stored in a file too but the nature of the script is to make it very flexible, containing everything in itself was a requirement. so I used to assign variable and pass it and echo it as follows :
不建议将加密密钥作为字符串传递,但为了这个问题,我会说我遇到了同样的情况,我需要在脚本中将密钥作为字符串传递。我也可以使用存储在文件中的密钥,但脚本的本质是使其非常灵活,包含所有内容本身是一项要求。所以我曾经分配变量并传递它并回显如下:
#!/bin/bash
KEY="${ YOUR SSH KEY HERE INSIDE }"
echo "${KEY}" | ssh -q -i /dev/stdin username@IP 'hostnamectl'
exit 0
Notes:
-qsuppress all warnings
注意:
-q禁止所有警告
By the way , the catch here in above script, since we are using echo it will print the ssh key which is again not recommended , to hide that you can use grep to grep some anything which will not be printed for sure but still stdinwill have the value from the echo. So the final cmd can be modified as follows :
顺便说一下,上面脚本中的问题,因为我们使用的是 echo,它会打印 ssh 密钥,这也是不推荐的,为了隐藏你可以使用 grep 来 grep 一些肯定不会打印但仍然stdin会有的东西来自回声的值。所以最终的 cmd 可以修改如下:
#!/bin/bash
KEY="${ YOUR SSH KEY HERE INSIDE }"
echo "${KEY}" | grep -qw "less" | ssh -q -i /dev/stdin username@IP 'hostnamectl'
exit 0
This worked for me.
这对我有用。
