sshpass 绕过ssh 密码交互式验证
2024-10-13 00:47:38
经常我们使用脚本登入服务器的时候,如果使用ssh 命令,经常会提示密码输入,我们不得不手动输入密码,因为ssh 没有 密码的选项。
为了能绕过交互式验证,我们使用sshpass命令解决这个问题:
1. 安装
➜ Desktop sudo yum install sshpass
[sudo] password for xuyaowen:
Last metadata expiration check: :: ago on Mon Jul :: AM CST.
Package sshpass-1.06-.fc28.x86_64 is already installed, skipping.
Dependencies resolved.
Nothing to do.
Complete!
检查是否安装
[root@yaowenxu Desktop]# rpm -qa sshpass
sshpass-1.06-.fc28.x86_64
2. 查看 sshpass 命令帮助, 也可以使用 man sshpass
NAME
sshpass - noninteractive ssh password provider SYNOPSIS
sshpass [-ffilename|-dnum|-ppassword|-e] [options] command arguments DESCRIPTION
This manual page documents the sshpass command. sshpass is a utility designed for running ssh using the mode referred to as "keyboard-interactive" password authentication, but in non-interactive mode. ssh uses direct TTY access to make sure that the password is indeed issued by an interactive keyboard user. Sshpass runs ssh in a dedicated tty, fooling
it into thinking it is getting the password from an interactive user. The command to run is specified after sshpass' own options. Typically it will be "ssh" with arguments, but it can just as well be any other command. The
password prompt used by ssh is, however, currently hardcoded into sshpass.
[root@yaowenxu Desktop]# sshpass
Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters
-f filename Take password to use from file
-d number Use number as file descriptor for getting password
-p password Provide password as argument (security unwise)
-e Password is passed as env-var "SSHPASS"
With no parameters - password will be taken from stdin -P prompt Which string should sshpass search for to detect a password prompt
-v Be verbose about what you're doing
-h Show help (this screen)
-V Print version information
At most one of -f, -d, -p or -e should be used
3. 使用密码验证登录
➜ ~ sshpass -p ssh root@10.66.65.15
4. ssh 第一次登录提示问题使用:
ssh -o StrictHostKeyChecking=no
来解决
➜ Desktop sshpass -p ssh -o StrictHostKeyChecking=no root@10.66.8.142
Warning: Permanently added '10.66.8.142' (ECDSA) to the list of known hosts.
Last login: Mon Jul ::
5. 优缺点
优点: 快速,便捷
缺点: 密码明文暴露,可以使用 history 命令查找到
最新文章
- JavaScript对寄生组合式继承的理解
- php5.6 一键编译
- mysql 重置root密码
- 【转载】最完美解决Nginx部署ThinkPHP项目的办法
- WCF的三个名称/命名空间,你是否傻傻分不清楚?
- Eclipse创建java web工程配置Tomacat和JDK 【转】
- PHP获取Cookie模拟登录CURL
- ArcMap10.1修改要素属性字段
- POJ1329题
- Python中else语句块(和if、while、for、try搭配使用)
- 十分钟让你的ASP.NET MVC网站变成PHP
- Struts2配置dtd约束
- .NET Core 必备安全措施
- selenium使用技巧
- 【2018.05.10 智能驾驶/汽车电子】AutoSar Database-ARXML及Vector Database-DBC的对比
- UVa 122 Trees on the level(链式二叉树的建立和层次遍历)
- CI框架 default_controller 如何设置为:'目录/Controller' 转
- 【WEB前端开发最佳实践系列】JavaScript篇
- React 属性和状态的一些总结
- POJ 1753 Flip Game(bfs+位压缩运算)