如何在没有提示的情况下执行 ssh-keygen [英] How to execute ssh-keygen without prompt
问题描述
我想在Centos7上用shell脚本自动生成一对ssh密钥,我试过了
yes "y" |ssh-keygen -t rsa回声 "
" |ssh-keygen...回声|ssh-keygen..所有这些命令都不起作用,只需输入一个回车",shell 脚本就会停止在输入密码短语(无密码短语为空)"处,我只想知道如何在shell中连续模拟多个输入".
如果有人能帮忙,非常感谢!
我们需要自动完成两步:
输入密码.使用
-N标志(本例中为空字符串):ssh-keygen -t rsa -N ''覆盖密钥文件:
使用 -f 输入路径(在本例中为 id_rsa)加上一个 here-string 来回答 yes 到以下问题:
ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa <<<y >/dev/null 2>&1或者,在 bash 之类的 shell 下,如果您肯定要覆盖前一个,只需使用 here-string 到 用所有需要的输入来输入命令:
ssh-keygen -q -t rsa -N '' <<<$'
y' >/dev/null 2>&1来自 ssh-keygen man 页面:
-N new_passphrase 提供新的密码.-q 沉默 ssh-keygen.-f filename 指定密钥文件的文件名.分步说明
$ ssh-keygen -t rsa生成公钥/私钥 rsa 密钥对.输入保存密钥的文件 (/home/klashxx/.ssh/id_rsa):1) 为避免输入密钥,请使用 -f:
$ ssh-keygen -t rsa -f ~/.ssh/id_rsa生成公钥/私钥 rsa 密钥对./home/klashxx/.ssh/id_rsa 已经存在.覆盖(是/否)?注意:如果您不关心 RSA 文件名并且肯定想覆盖前一个,请查看以下第四点的说明.
2) 现在我们需要回答y";自动到覆盖问题(让我们使用 here-string 用于该工作):
$ ssh-keygen -t rsa -f ~/.ssh/id_rsa <<<是生成公钥/私钥 rsa 密钥对./home/klashxx/.ssh/id_rsa 已经存在.覆盖(是/否)?输入密码(空表示没有密码):3) 最后,我们将使用 -N 标志输入一个无效的通行证:
$ ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa <<<是生成公钥/私钥 rsa 密钥对./home/klashxx/.ssh/id_rsa 已经存在.覆盖(是/否)?您的身份信息已保存在/home/klashxx/.ssh/id_rsa 中.您的公钥已保存在/home/klashxx/.ssh/id_rsa.pub 中.关键指纹是:SHA256:Xo0t6caMB/8TSsigxfY28JIfqYjyqxRZrFrPncx5yiU klashxx@server钥匙的 randomart 图像是:+---[RSA 2048]----+|||.||哦.||+ * = ||+.+ BSo= o ||...o.+o+XO... ||.. .o.E==+B..||o ....=.o... ||.+o.哦.. |+----[SHA256]-----+4) 额外的球,清理输出,只检查返回码:
$ ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa <<<y >/dev/null 2>&1$回声 $?0覆盖先前 RSA 文件的替代路径(不需要 -f 标志)
注意:只有 bash 像 shell.
如果你不关心RSA名称,只想覆盖它,我们需要自动回答这两个问题:
<块引用>输入保存密钥的文件:/example/path/.ssh/id_rsa already exists.
覆盖(是/否)?
如果我们手动执行此操作,对于第一个问题,我们只需按 enter,对于第二个问题,键入 y 并按 enter.
我们可以使用以下 here-string:
$'
y'
来自 bash 手册页:
$'string' 形式的单词被特殊处理.这个词扩展为字符串",用反斜杠转义的字符替换为指定的ANSI C 标准.
换行
所以,如果我们使用 od 来分析我们的字符串:
cat - <<<$'
y' |od -c0000000
y
我们看到我们得到了回答问题所需的一切.
第 1 点和第 2 点可以总结为:
ssh-keygen -q -t rsa <<<$'
y'最终命令将是:
$ ssh-keygen -q -t rsa -N '' <<<$'
y' >/dev/null 2>&1$回声 $?0点赞
@lukasz-dynowski、@redochka、@mellow-yellow、@yeti 以及该线程中的其他人.
I want to automate generate a pair of ssh key using shell script on Centos7, and I have tried
yes "y" | ssh-keygen -t rsa
echo "
" | ssh-keygen...
echo | ssh-keygen..
all of these command doesn't work, just input one 'enter' and the shell script stopped on "Enter passphrase (empty for no passphrase)", I just want to know how to simulate mutiple 'enter' in shell continuously.
Many thanks if anyone can help !
We need to accomplish two steps automatically:
Enter a passphrase. Use the
-Nflag (void string for this example):ssh-keygen -t rsa -N ''Overwrite the key file:
Use -f to enter the path (in this example id_rsa) plus a here-string to answer yes to the following question:
ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa <<<y >/dev/null 2>&1
Or, under a bash like shell, If you certainly want to overwrite the previous one, use just a here-string to feed the command with all the need input:
ssh-keygen -q -t rsa -N '' <<< $'
y' >/dev/null 2>&1
From ssh-keygen man page:
-N new_passphrase provides the new passphrase. -q silence ssh-keygen. -f filename specifies the filename of the key file.
Step by step explanation
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/klashxx/.ssh/id_rsa):
1) To avoid entering the key use -f:
$ ssh-keygen -t rsa -f ~/.ssh/id_rsa
Generating public/private rsa key pair.
/home/klashxx/.ssh/id_rsa already exists.
Overwrite (y/n)?
ATTENTION: If you don't care about the RSA file name and certainly want to overwrite the previous one, check the instructions below point four.
2) Now we need to answer "y" automatically to the overwrite question (let's use a here-string for that job):
$ ssh-keygen -t rsa -f ~/.ssh/id_rsa <<< y
Generating public/private rsa key pair.
/home/klashxx/.ssh/id_rsa already exists.
Overwrite (y/n)? Enter passphrase (empty for no passphrase):
3) Finally we're going to use the -N flag to enter a void pass:
$ ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa <<< y
Generating public/private rsa key pair.
/home/klashxx/.ssh/id_rsa already exists.
Overwrite (y/n)? Your identification has been saved in /home/klashxx/.ssh/id_rsa.
Your public key has been saved in /home/klashxx/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:Xo0t6caMB/8TSsigxfY28JIfqYjyqxRZrFrPncx5yiU klashxx@server
The key's randomart image is:
+---[RSA 2048]----+
| |
| . |
| o . |
| + * = |
| +. + BSo= o |
|...o.+o+XO... |
|.. .o.E==+B. . |
|o . ...=.o... |
|.+o. o .. |
+----[SHA256]-----+
4) Extra ball, cleanup the output, just check the return code:
$ ssh-keygen -q -t rsa -N '' -f ~/.ssh/id_rsa <<<y >/dev/null 2>&1
$ echo $?
0
An alternative path to overwrite the previous RSA file (no -f flag needed)
NOTE: Only bash like shells.
If you don't care about the RSA name and just want to overwrite it, we need to answer these two questions automatically:
Enter file in which to save the key: /example/path/.ssh/id_rsa already exists.
Overwrite (y/n)?
If we do this by hand, for the first question we just need to hit enter, and for the second, type y and press enter.
We can simulate these actions by using the following here-string:
$'
y'
From the bash man page:
Words of the form $'string' are treated specially. The word expands to "string", with backslash-escaped characters replaced as specified by the ANSI C standard.
new line
So, if we use od to analyze our string:
cat - <<< $'
y' | od -c
0000000
y
We see that we're getting just what we need to answer the questions.
Points 1 and 2 can be summarized into:
ssh-keygen -q -t rsa <<< $'
y'
And the final command will be:
$ ssh-keygen -q -t rsa -N '' <<< $'
y' >/dev/null 2>&1
$ echo $?
0
Kudos
@lukasz-dynowski, @redochka, @mellow-yellow, @yeti and the rest of the folks in this thread.
这篇关于如何在没有提示的情况下执行 ssh-keygen的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
