如何通过一个 ssh 会话将整个环境从目标 Linux 传递到客户端 Linux?

tag-icon tag-icon linux bash ssh shell environment-variables
如何通过一个 ssh 会话将整个环境从目标 Linux 传递到客户端 Linux?

我在目标 Linux(RedHat,PC_A)上有一个脚本,我想在远程登录会话期间从源 Linux(RedHat,PC_B)执行该脚本。

我正在尝试执行以下命令:

[user2@PC_B] ssh <user1>@<PC_A> "cd /home/<user1>; source /home/<user1>/.bashrc; ./<script.sh>;"

但当我登录并执行时,我收到多个错误,

Environment variable USER1_ROOT not defined ./stoprun: line 6: psrun: command not found ./omcserver: error while loading shared libraries: libocci.so.11.1: cannot open shared object file: No such file or directory ./wdc: error while loading shared libraries: libmutil.so: cannot open shared object file: No such file or directory (...)

注 1:<user1>已经无需密码进行身份验证(已添加到 PC_A 上的授权用户),这里没有问题;例如,我可以执行[<user2>@<PC_B> ~]$ ssh <user1>@<PC_A> "cd /home/<user1>; ls -ls; date"而不会出现任何错误

注 2:我根本不关心这样的错误,"./stoprun: line 6: psrun: command not found"也不关心"error while loading shared libraries"(我只是将它们作为在 PC_A 和 PC_B 之间正确传递变量的问题后果的示例),我需要在单个 ssh 会话中传递多个变量。我主要关心的是错误消息“环境变量 xxx_xxx 未定义”

如何在一次 ssh 会话期间将整个环境从目标/服务器(PC_A)正确地传递到源/客户端(PC_B)?

注 3:在两台主机 (PC_A) 和 PC_B 上我都已设置

[root@PC_A ~]# cat /etc/ssh/sshd_config | grep User
PermitUserEnvironment yes

注 4:从源主机 (PC_A) 执行时,相同的脚本执行时没有任何错误、问题或缺少库

[<user1>@<PC_A> ~]$ cd /home/<user1>
[<user1>@<PC_A> ~]$./<script.sh>;

PC_B 上的 /2/ 在 /etc/ssh/ssh_config PC_B 中添加了变量:

[root@<PC_B> ~]# cat /etc/ssh/ssh_config | grep SendEnv
        SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
        SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
        SendEnv LC_IDENTIFICATION LC_ALL
        SendEnv TEST
[root@<PC_B> ~]#

/3/ 在 ~/.ssh/environment 中指定自定义的环境变量

[root@<PC_B> ~]# cat /home/user2/.ssh/environment
LANG=en_us.utf-8  
TEST="test"
[root@<PC_B> ~]#

注意:PC_A 和 PC_B 上都已定义 LANG 环境变量,因此我添加了一个“独立”变量 TEST

/4/ 执行 ssh 并添加详细程度 -v

[user2@<PC_B> ~]$ ssh -v <user1>@<PC_A_IP_Address> "cd /home/<user1>; echo $TEST; echo $LANG"
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to <PC_A_IP_Address> [<PC_A_IP_Address>] port 22.
debug1: Connection established.
debug1: identity file /home/user2/.ssh/identity type -1
debug1: identity file /home/user2/.ssh/id_rsa type 1
debug1: identity file /home/user2/.ssh/id_dsa type -1
debug1: loaded 3 keys
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '<PC_A_IP_Address>' is known and matches the RSA host key.
debug1: Found key in /home/user2/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-with-mic,password
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Unspecified GSS failure.  Minor code may provide more information
No credentials cache found

debug1: Next authentication method: publickey
debug1: Trying private key: /home/user2/.ssh/identity
debug1: Offering public key: /home/user2/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending command: cd /home/<user1>; echo ; echo en_US.UTF-8

en_US.UTF-8
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0
[user2@<PC_B> ~]$

/5/ 我在 PC_A 和 PC_B 上都重新启动了 sshd 服务

[root@<PC_A> ~]# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[root@<PC_A> ~]#

/6/ 以 root 用户身份从 PC_A (a) 检查环境变量

[root@<PC_A> ~]# echo $TEST

[root@<PC_A> ~]# echo $LANG
en_US.UTF-8

(a)作为非root用户

[root@<PC_A> ~]# exit
logout
[<user1>@<PC_A> ~]$ echo $TEST

[<user1>@<PC_A> ~]$ echo $LANG
en_US.UTF-8
[<user1>@<PC_A> ~]$

问题如下:不知何故只发送了一个环境变量,并且它似乎在打开的 ssh 会话中立即被其定义的值替换,而其他变量消失了(空白值)

   "debug1: Sending env LANG = en_US.UTF-8
   debug1: Sending command: cd /home/<user1>; echo ; echo en_US.UTF-8

   en_US.UTF-8"

注意#1 我在这里也添加了所有组合,但它们都不起作用:

[root@<PC_B> ~]# cat /home/user2/.ssh/environment
LANG=en_us.utf-8
TEST=test
[root@<PC_B> ~]#

[root@<PC_B> ~]# cat /home/user2/.ssh/environment
set LANG=en_us.utf-8
set TEST=test
[root@<PC_B> ~]#

[root@<PC_B> ~]# cat /home/user2/.ssh/environment
declare -x  LANG="en_us.utf-8"
declare -x  TEST="test"
[root@<PC_B> ~]#

答案1

我假设这里的主要问题是由于脚本在 PC_A 上执行时无法访问环境变量。

环境PermitUserEnvironment 是是不够的,你必须明确指定要传递哪些变量,你可以通过以下方式做到这一点:

PS:作为示例,我选择了语言多变的。

1- 通过编辑允许在 PC_A 上使用环境变量/etc/ssh/sshd_config

PermitUserEnvironment yes

2- 添加变量/etc/ssh/ssh_config在 PC_B 上,LANG 将由发送远程控制要求 :

SendEnv LANG

3- 在中指定自定义环境变量~/.ssh/环境与 PC_B 上的用户环境无关:

LANG=en_us.utf-8

4- 通过在 ssh 到 PC_A 时添加详细程度来检查环境变量是否已成功发送:

ssh -v ....

相关内容