可以通过ssh转发env变量吗？ [英] Can I forward env variables over ssh?

问题描述

我与几个不同的服务器配合使用，当我进入SSH时，能够设置一些环境变量，使它们在所有的环境变量中都是有用的。问题是，一些变量的内容包含敏感的信息（散列密码），所以我不想让它躺在.bashrc文件中 - 我只想保留在内存中。

I work with several different servers, and it would be useful to be able to set some environment variables such that they are active on all of them when I SSH in. The problem is, the contents of some of the variables contain sensitive information (hashed passwords), and so I don't want to leave it lying around in a .bashrc file -- I'd like to keep it only in memory.

我知道您可以使用SSH转发DISPLAY变量（通过ForwardX11）或SSH代理进程（通过ForwardAgent），所以我想知道是否有一种方法可以通过SSH连接自动转发任意环境变量的内容。理想情况下，我可以在.ssh / config文件中设置，以便在需要时自动运行。任何想法？

I know that you can use SSH to forward the DISPLAY variable (via ForwardX11) or an SSH Agent process (via ForwardAgent), so I'm wondering if there's a way to automatically forward the contents of arbitrary environment variables across SSH connections. Ideally, something I could set in a .ssh/config file so that it would run automatically when I need it to. Any ideas?

推荐答案

您可以，但需要更改服务器配置。

You can, but it requires changing the server configuration.

在 AcceptEnv 的条目，在 sshd_config（5）和 SendEnv -cgi？ssh_config + 5rel =noreferrer> ssh_config（5）。

Read the entries for AcceptEnv in sshd_config(5) and SendEnv in ssh_config(5).

更新：

您还可以在命令行中传递：

You can also pass them on the command line:

ssh foo@host "FOO=foo BAR=bar doz"

关于安全性，请注意，任何有权访问远程机器的人都会可以看到环境变量被传递给任何正在运行的进程。

Regarding security, note than anybody with access to the remote machine will be able to see the environment variables passed to any running process.

如果你想保留这些信息，最好通过 stdin ：

If you want to keep that information secret it is better to pass it through stdin:

cat secret_info | ssh foo@host remote_program

这篇关于可以通过ssh转发env变量吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！