我可以通过 ssh 转发环境变量吗? [英] Can I forward env variables over ssh?

问题描述

我在几个不同的服务器上工作，并且能够设置一些环境变量以便在我通过 SSH 登录时它们在所有这些服务器上都处于活动状态会很有用.问题是，一些变量的内容包含敏感的信息(散列密码)，所以我不想把它留在 .bashrc 文件中——我只想把它保存在内存中.

I work with several different servers, and it would be useful to be able to set some environment variables such that they are active on all of them when I SSH in. The problem is, the contents of some of the variables contain sensitive information (hashed passwords), and so I don't want to leave it lying around in a .bashrc file -- I'd like to keep it only in memory.

我知道您可以使用 SSH 来转发 DISPLAY 变量(通过 ForwardX11)或 SSH 代理进程(通过 ForwardAgent)，所以我想知道是否有一种方法可以跨 SSH 连接自动转发任意环境变量的内容.理想情况下，我可以在 .ssh/config 文件中设置一些内容，以便在需要时自动运行.有什么想法吗?

I know that you can use SSH to forward the DISPLAY variable (via ForwardX11) or an SSH Agent process (via ForwardAgent), so I'm wondering if there's a way to automatically forward the contents of arbitrary environment variables across SSH connections. Ideally, something I could set in a .ssh/config file so that it would run automatically when I need it to. Any ideas?

推荐答案

可以，但需要更改服务器配置.

You can, but it requires changing the server configuration.

阅读 sshd_config 中的 AcceptEnv 条目(5) 中的和SendEnvssh_config(5).

Read the entries for AcceptEnv in sshd_config(5) and SendEnv in ssh_config(5).

更新:

您也可以在命令行中传递它们:

You can also pass them on the command line:

ssh foo@host "FOO=foo BAR=bar doz"

关于安全性，请注意，任何有权访问远程机器的人都可以看到传递给任何正在运行的进程的环境变量.

Regarding security, note than anybody with access to the remote machine will be able to see the environment variables passed to any running process.

如果您想对这些信息保密，最好通过 stdin 传递它:

If you want to keep that information secret it is better to pass it through stdin:

cat secret_info | ssh foo@host remote_program

这篇关于我可以通过 ssh 转发环境变量吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！