我正在尝试在远程计算机上生成密钥对(无密码)。我为此使用的命令是:
ssh root@REMOTEIP ssh-keygen -t rsa -f /root/.ssh/id_rsa_new -q -N ""
该命令的输出是:
ssh-keygen: option requires an argument -- N
Usage: ssh-keygen [options]
Options:
-a trials Number of trials for screening DH-GEX moduli.
-B Show bubblebabble digest of key file.
-b bits Number of bits in the key to create.
-C comment Provide new comment.
-c Change comment in private and public key files.
-e Convert OpenSSH to IETF SECSH key file.
-F hostname Find hostname in known hosts file.
-f filename Filename of the key file.
-G file Generate candidates for DH-GEX moduli.
-g Use generic DNS resource record format.
-H Hash names in known_hosts file.
-i Convert IETF SECSH to OpenSSH key file.
-l Show fingerprint of key file.
-M memory Amount of memory (MB) to use for generating DH-GEX moduli.
-N phrase Provide new passphrase.
-P phrase Provide old passphrase.
-p Change passphrase of private key file.
-q Quiet.
-R hostname Remove host from known_hosts file.
-r hostname Print DNS resource record.
-S start Start point (hex) for generating DH-GEX moduli.
-T file Screen candidates for DH-GEX moduli.
-t type Specify type of key to create.
-v Verbose.
-W gen Generator to use for generating DH-GEX moduli.
-y Read private key file and print public key.
当我使用密码时,该命令运行正常:
ssh root@REMOTEIP ssh-keygen -t rsa -f /root/.ssh/id_rsa_new -q -N "12345"
答案1
为了避免这种情况,您必须引用整个命令以避免它被本地 shell 拆分:
ssh root@REMOTEIP "ssh-keygen -t rsa -f /root/.ssh/id_rsa_new -q -N ''"
问题在于ssh,为了兼容rsh(它最初取代了),将整个命令行作为单身的该参数随后传递给远程 shell(在 Unix 上$SHELL -c "your command")。
当你跑步时
ssh root@REMOTEIP ssh-keygen -t rsa -f /root/.ssh/id_rsa_new -q -N ""本地 shell 执行
["ssh", "root@REMOTEIP", "ssh-keygen", "-t", "rsa", "-f", "/root/.ssh/id_rsa_new", "-q", "-N", ""]连接
ssh在一起得到"ssh-keygen -t rsa -f /root/.ssh/id_rsa_new -q -N "远程 shell 再次拆分为
["ssh-keygen", "-t", "rsa", "-f", "/root/.ssh/id_rsa_new", "-q", "-N"]– 注意缺少的空参数。