我尝试使用 sftp 登录到其中一个服务器。连接的服务器不允许基于 ssh 密钥的登录。因此,我使用 sshpass 登录到服务器。但问题是,尽管我已使用 sshpass 中的 -p 选项输入了密码,但它仍提示我输入密码。下面是我尝试用来连接服务器的命令,但仍然提示输入密码。即使输入了密码,它也不会进入 sftp 服务器,并且会一直卡在那里。
SSHPASS='********' sshpass -e sftp -oBatchMode=no -b - sftp-
user@host
sshpass -p ******* sftp user@host
sshpass -p ****** sftp -o StrictHostKeyChecking=no
user@host
输入上述命令后,我得到的响应如下。即使我输入密码,它仍然停留在那里而不执行任何操作。
Connecting to host...
Password authentication
附言:我不应该使用基于 ssh 的登录,因为其他团队所有者不允许这样做。
编辑更新:
在 sftp 中使用 vvv 选项后添加输出
Connecting to host******...
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to Host******** [*******] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /home/lpadmin/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/lpadmin/.ssh/id_rsa type 1
debug1: identity file /home/lpadmin/.ssh/id_rsa-cert type -1
debug1: identity file /home/lpadmin/.ssh/id_dsa type -1
debug1: identity file /home/lpadmin/.ssh/id_dsa-cert type -1
debug1: identity file /home/lpadmin/.ssh/id_ecdsa type -1
debug1: identity file /home/lpadmin/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version Cleo
Harmony/5.6.1.0 SSH FTP server
debug1: no match: Cleo Harmony/5.6.1.0 SSH FTP server
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 864 bytes for a total of 885
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-
group1-sha1
debug2: kex_parse_kexinit: [email protected],ssh-dss-cert-
[email protected],[email protected],ssh-dss-cert-
[email protected],ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-
cbc,3des-
cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-
[email protected]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-
cbc,3des-
cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-
[email protected]
debug2: kex_parse_kexinit: hmac-sha1,[email protected],hmac-sha2-
256,hmac-
sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96
debug2: kex_parse_kexinit: hmac-sha1,[email protected],hmac-sha2-
256,hmac-
sha2-512,hmac-ripemd160,[email protected],hmac-sha1-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: [email protected],diffie-hellman-
group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-
sha1
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: 3des-cbc,aes128-cbc,aes128-ctr,aes192-
cbc,aes192-
ctr,aes256-cbc,aes256-ctr,arcfour128,arcfour256,blowfish-cbc,cast128-
cbc,twofish128-cbc,twofish192-cbc,twofish256-cbc
debug2: kex_parse_kexinit: 3des-cbc,aes128-cbc,aes128-ctr,aes192-
cbc,aes192-
ctr,aes256-cbc,aes256-ctr,arcfour128,arcfour256,blowfish-cbc,cast128-
cbc,twofish128-cbc,twofish192-cbc,twofish256-cbc
debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-
md5,hmac-md5-96
debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-
md5,hmac-md5-96
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 909
debug2: dh_gen_key: priv key bits set: 163/320
debug2: bits set: 4124/8192
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 1040 bytes for a total of 1949
debug3: check_host_in_hostfile: host host********* filename
/home/lpadmin/.ssh/known_hosts
debug3: check_host_in_hostfile: host host****** filename
/home/lpadmin/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 11
debug3: check_host_in_hostfile: host IP****** filename
/home/lpadmin/.ssh/known_hosts
debug3: check_host_in_hostfile: host IP****** filename
/home/lpadmin/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 11
debug1: Host 'Host******' is known and matches the RSA host key.
debug1: Found key in /home/lpadmin/.ssh/known_hosts:11
debug2: bits set: 4116/8192
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1965
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 52 bytes for a total of 2017
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/lpadmin/.ssh/id_rsa (0x560cc4a8ec70)
debug2: key: /home/lpadmin/.ssh/id_dsa ((nil))
debug2: key: /home/lpadmin/.ssh/id_ecdsa ((nil))
debug3: Wrote 84 bytes for a total of 2101
debug1: Authentications that can continue: password,keyboard-interactive
debug3: start over, passed a different list password,keyboard-
interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-
interactive,password
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: Wrote 100 bytes for a total of 2201
debug2: input_userauth_info_req
Password authentication
debug2: input_userauth_info_req: num_prompts 1
答案1
sshpass
无法识别密码提示,因此不会发送密码。Sshpass 1.06 版及更高版本具有命令行选项“-P”,用于指定应查找的密码提示。尝试像这样运行 sshpass:
SSHPASS='********' sshpass -e -P 'Password authentication' sftp ...
这告诉 sshpass 应该响应什么密码提示。
远程 SSH 服务器正在尝试执行一种称为“键盘交互”的身份验证。服务器向客户端发送提示消息,客户端向用户显示提示,用户响应,客户端将响应发送到服务器。这类似于密码身份验证,只是远程服务器提供提示的文本。
在这种情况下,提示是文本“密码验证”。Sshpass 无法将其识别为密码提示,因此它不会发送密码。sshpass“-P”选项告诉 sshpass 要查找什么提示,而不是其内置默认值。
运行“sshpass -V”将生成您正在运行的 sshpass 的版本。“sshpass -h”将打印其命令行选项的简短描述,包括 -P(如果它是包含该功能的版本)。