在 IIS/Windows 上从 perl 运行时,plink 的主机密钥未缓存在注册表中
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4877143/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
plink's host key is not cached in the registry when run from perl on IIS/Windows
提问by Guillaume Filion
I'm trying to start a perl script on another server from a web page and I'm having problems with plink: it doesn't seem to remember the host key when run from the IUSR_ user.
我正在尝试从网页在另一台服务器上启动 perl 脚本,但我遇到了 plink 问题:从 IUSR_ 用户运行时,它似乎不记得主机密钥。
I managed to reduce the problem this:
我设法减少了这个问题:
print "Content-Type:text/plain\n\n";
open(PLINK, "| \"C:\Program Files\PuTTY\plink.exe\" -pw sanitized Administrator\@serveurftp.a.b.c whoami") or die "Can't fork: $!";
sleep(1);
print PLINK "y\n";
close(PLINK);
When calling this script from a web page, I always get this:
从网页调用这个脚本时,我总是得到这个:
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's rsa2 key fingerprint is:
ssh-rsa 2048 cb:eb:dc:1b:9e:1c:6b:fa:63:fb:2e:ba:2c:61:26:c4
If you trust this host, enter "y" to add the key to
PuTTY's cache and carry on connecting.
If you want to carry on connecting just once, without
adding the key to the cache, enter "n".
If you do not trust this host, press Return to abandon the
connection.
Store key in cache? (y/n) serveurftp\administrator
I should only be getting this on the first time, and only "serveurftp\administrator" afterwards, but it looks like plink can't store the host key when it's run from IIS.
我应该只在第一次得到这个,然后只得到“serveurftp\administrator”,但看起来 plink 在从 IIS 运行时无法存储主机密钥。
Do you guys have any idea on how to work around this?
你们对如何解决这个问题有任何想法吗?
回答by mob
In a case like this, an application will often try to read the y/n response from the console (or in Unix speak, tty) and not necessarily from standard input, so the program is probably not registering the "y" response that you pipe to it.
在这种情况下,应用程序通常会尝试从控制台(或在 Unix 中为 tty)而不一定从标准输入读取 y/n 响应,因此该程序可能没有注册您的“y”响应管它。
Some workarounds might be:
一些解决方法可能是:
- Run the command as the IIS userfrom the command-line. Maybe that will persist the host for the call from the webserver.
- Run the command from the command-line as yourself. Find your user's cache file and copy the key from that file into the administrator's cache file.
- If your webserver program has a console window on your machine, try accessing this script from a browser and then typing "y" into that console window when the script reaches the point where it is prompting you for this response (this probably won't work because the program might already be running in a child process, but it might be worth a try)
- 从命令行以 IIS 用户身份运行命令。也许这将使主机持久化来自网络服务器的调用。
- 以您自己的身份从命令行运行该命令。找到您用户的缓存文件并将该文件中的密钥复制到管理员的缓存文件中。
- 如果您的网络服务器程序在您的机器上有一个控制台窗口,请尝试从浏览器访问此脚本,然后在脚本到达提示您进行此响应的位置时在该控制台窗口中键入“y”(这可能不起作用)因为该程序可能已经在子进程中运行,但可能值得一试)
回答by user2945935
Solution provided here (thanks to Dean Grant):
此处提供的解决方案(感谢 Dean Grant):
Accept server host key when automating SSH session using PuTTY Plink
回答by scrith
I am spawning plink.exe inside a tcl script (along with Expect commands), so I wasn't able to use pipe | because tcl doesn't recognize it. I achieved same thing by spawning plink, pushing a "y", exiting, and then spawning plink again.
我在 tcl 脚本中生成 plink.exe(以及 Expect 命令),所以我无法使用管道 | 因为 tcl 不认识它。我通过生成 plink,按下“y”,退出,然后再次生成 plink 来实现相同的目的。
#Push a "y" to overcome ssh host key challenge
spawn plink -ssh 192.168.1.1 -l username -pw password
send -s "y\r"
send -s "exit\r"
#ssh into host
spawn plink -ssh 192.168.1.1 -l username -pw password
