![](https://www.alaica.com/wp-content/uploads/linux-44.png)
如何在 shell 脚本本身中添加 RSA 或 DSA 密钥文件以进行连接,以便我只需要在 USB 笔驱动器上携带一个文件,而不是在 Unix / Linux 操作系统下的 $HOME/.ssh/id_rsa 文件?
![](https://www.alaica.com/wp-content/uploads/linux-12.gif)
Linux / Unix / Apple OS X / BSD 操作系统将您的 rsa / dsa 私钥和公钥存储在 $HOME/.ssh/ 目录中。您可以使用以下语法来指定 ssh 命令使用的 RSA 或 DSA 身份验证的身份(私钥)的文件:
ssh -i / path / to / your / rsa_or_dsa_file 用户@ server1.example.com
协议版本 2的默认值为~/.ssh/id_rsa 和 ~/.ssh/id_dsa。
Shell 脚本 Hack 在脚本本身中携带 ~/.ssh/id_rsa 和 ~/.ssh/id_dsa
shell脚本语法如下:
#!/bin/ bash / usr / bin / ssh -i $ 0 user@server1.example.com退出 #################################################### ### 在此处附加 ~/.ssh/id_rsa 或 ~/.ssh/id_dsa ### ############################### ##################### -----开始RSA私钥----- -----结束RSA 私钥-----
现在只需运行一个脚本,它将连接到名为 server1.example.com 的远程服务器:
$ ./path/to/your/script
示例外壳脚本
我使用以下命令来救援或连接到名为 nas.example.com 的家庭服务器:
![警告 shell 脚本示例可能会暴露您的密钥](https://www.alaica.com/wp-content/uploads/linux-45.png)
#!/bin/bash _me = " ${0##*/} " _user = "root" _port = "22" _server = "nas.example.com" _args = "$@" ## 服务器名称验证 ## 主机$_server &>/ dev / null [ $? -ne 0 ] && { echo "未找到服务器 ' $_server '。在$_me脚本中设置正确的$ _server 。" ; 1号出口 ;} ## Get in ## ssh -i "${_me}" -p $_port ${_user}@${_server} "$_args" exit ### Replace this with your actual key. This is not a valid key :P ### -----BEGIN RSA PRIVATE KEY----- MIIEpgIBAAKCAQEAxPzlOsgLM72jv93rj7Tcw5Sj6V797mLL7GoZKcQIFeo2e3G7 q69bTcaDwnaxf7vTCWdcJbgrQRGbZ6w1EzuB5xC0YYVF2TGlWu1L9n8rGvJQm0OH tyMMi+O5i+2VwED4gDaLuBE83IZpeaHn6PmSbV3JGstz4QkeW/PqT5XJyCS2qHzo lWkY/SGXXPn9rM+U5KOAwIdetMQooGdZGkaAWbqmm6Ujsqz6IeKOnP0sQNvvyvpv UQogLGnJDdI+hrhOtzVZ+qiHmUlJC8EgiWedRz3mFF9G3Z1LSUqR++NAGmGuZFph utrKNR9LRqis4FzqkGb9rpaT5749yZRqQgJdwwIDAQABAoIBAQCvFDaIsBOEwSAw /4TGDPHJwuqMGKmInrawQPxsapblI22Y+dTbGtgDoFSrGeNYrA89ZGg5/h4zjvqY gi4KEfG69NXddx5FlCJrVk0VoKEnKgcKeFK/Kp+UFapr+5YFcblr+w7jYi69sZk9 SfFc17SVD64V6o3rjLc28utmILNe9fHmyLyLuaOvrwrWu1qxds9npDEPHks+0PUN xaeFzI5zPqWQfiu7j3FjsG2h1QCGL/Uqd5+IYSCqouOgsWCD10PFlryKc9+3PXFU ZrvB2+U0/LmFcI3+MYgGsCiL3zQzOWZg6hV6mNCHXh5yq4SskKKsntpclF2nrWWx fUQ07ccBAoGBAPRd9nwUf8tobEGdRSKYM+JqL+DN7yUKqbZsrho9sfvxg537DZRo 24BFRD6GmnZWFq0pgTymDNIyGNI4NNj44VR+oqE4sfsQHRoJ2IJidgDvbZGJqo9Zu Uib40IdXvYe6rwgjfBaksVUkPNkUZuDGsWuFXvDsZ6ECOl4VHSm5dSPzAoGBAM5d iPnTwZwoXk2H/F1uwHiBm8ZB6x9FofiN06sf3Und1oQT74LwiHZL/1BA2Oh/kMls blwfHry3HCBXuFLudd4AV1y9XlonUA4OgcPm4KJJoWfOiRwyZgMNUf9oTl1neo/q p2pkwIauKUSXH1flZhgATQnKPZnIh6XEIlnNxeLxAoGBAIS/rrEFKc9EMNsMJox+ hmEPMmc7OBi1TDCvpXzX2yJ0tv1RbrUaqXNrLYGR+cMjTTpQe8aIphph4J4CrqLX wQD3sj1GvUZ7FVC1/0so9IqPyl60c8B/Od21+QItJebgAUm4jSZ33WXVQ8Dhlmmx RpyUXVkf88PBxBdr/OW3u+0FAoGBAKNB/iZerxGiIhDGHxGvl5b+OkVbSu5fgScI 1MWiaizQ0m+E8fut3Ndxghd0ZeVxXhLrtFcuy3tShW7U1t7NBfROYs7chXNfHIcy 235+ito1LgW0+rZm8nM+sAM7mSRETCo4SNiEq0Ug35GuvHfqVjtyQPwOKY26j4qq Xd6b2wyRAoGBAMt9sWTgSKUKHnSoxtRG5Yy+g3GainjT4Lc1JUJjBGr7bYio2ZB/ L/W4H2mtZpkx0kYSI+TdzTJh9W15Ck1z+NmZxmCb2rbr4ESjQpWd/9G4MLO6tLtP sAk1hN1HMU2hXR+ObvtODXamUQjBq72WXpqVgyhIF2TMMVWEMQAdf8Lg -----END RSA PRIVATE KEY-----
Because of the potential for abuse, this file must have strict permissions: read/write for the user, and not accessible by others. Use the chown and chmod commands as follows:
chown vivek:vivek script
chmod 0700 script
Run the script as follows:
$ ./script
$ ./script uptime
Sample outputs:
07:46:03 up 13 days, 1:07, 1 user, load average: 0.00, 0.00, 0.00
See also:
- 如何设置基于RSA和DSA 的无密码登录。
- Sshpass:在脚本中使用 ssh 密码。
- keychain:为备份脚本设置安全的无密码 SSH访问