[英]Reuse in PowerShell a running PuTTY agent (pageant)
Is there a way in PS 5.1 to reuse the PuTTY agent keys? PS 5.1 中有没有办法重用PuTTY 代理密钥?
Now, the details.现在,细节。
To use key agents one has an Agent that holds the keys (left box), and Client Applications that delegate administration of the keys (right box).要使用密钥代理,需要有一个持有密钥的代理(左框)和委托管理密钥的客户端应用程序(右框)。 Eg, client application C1=
putty
can use its own agent A1= pageant
, of course.例如,客户端应用程序 C1=
putty
当然可以使用它自己的代理 A1= pageant
。 Client application C2= winscp
knows how to use directly A1.客户端应用程序 C2=
winscp
知道如何直接使用 A1。
Certain Clients cannot use certain Agents directly, but there are Proxy agents that bridge the gap.某些客户不能直接使用某些代理,但有一些代理可以弥补这一差距。 For instance to use A1 with C3, I need Proxy P1=
ssh-pageant
, see example below.例如,要将 A1 与 C3 一起使用,我需要 Proxy P1=
ssh-pageant
,请参见下面的示例。 This helps centralizing in a single Agent the keys for many Clients.这有助于将多个客户端的密钥集中在单个代理中。 Now I mean to use A1 for all my Clients (currently, only missing A1-C5 and A1-C6).
现在我的意思是为我的所有客户使用 A1(目前,只缺少 A1-C5 和 A1-C6)。
Is there a way in PS 5.1 to reuse the same PuTTY agent keys? PS 5.1 中有没有办法重用相同的 PuTTY 代理密钥? (Ie, a Proxy Px to use A1 with C5)
(即,使用 A1 和 C5 的代理 Px)
Possibly helpful : https://superuser.com/a/1173570/245595可能有帮助: https://superuser.com/a/1173570/245595
NOTES :注意事项:
I did not try it, but it seems like winssh-pageant
is a Proxy to link A2 with Client applications that understand A1 directly.我没有尝试过,但似乎
winssh-pageant
是一个代理,可以将 A2 与直接理解 A1 的客户端应用程序链接起来。
I am currently trying to use in PS the same ssh-pageant
from msys2 (it is a Windows program in the end, and often times they do work), manually replacing what eval
does in msys2 (so far with no luck, but I think this is fixable):我目前正在尝试在 PS 中使用与 msys2 相同的
ssh-pageant
(它最终是一个 Windows 程序,并且通常它们确实有效),手动替换eval
在 msys2 中所做的事情(到目前为止没有运气,但我认为这是可以修复的):
> cd <dir where ssh-pageant is>
> .\ssh-pageant -r -a "$env:USERPROFILE\tmp\.ssh-pageant-$env:USERNAME"
SSH_AUTH_SOCK='C:\Users\USER1\tmp\.ssh-pageant-USER1'; export SSH_AUTH_SOCK;
SSH_PAGEANT_PID=714; export SSH_PAGEANT_PID;
echo ssh-pageant pid 714;
> $env:SSH_AUTH_SOCK='C:\Users\USER1\tmp\.ssh-pageant-USER1'
> $env:SSH_PAGEANT_PID=714
> ssh myserver
Enter passphrase for key 'C:\Users\USER1/.ssh/id_rsa':
As an alternative workaround, is there a non-admin (I wouldn't want to interfere with it) way to load keys into a separate agent such that when I start a PS session it uses those other keys, and which allows me to keep working with my reused keys in msys2?作为替代解决方法,是否有非管理员(我不想干扰它)的方式将密钥加载到单独的代理中,这样当我启动 PS session 时,它会使用其他密钥,这允许我保留在 msys2 中使用我重复使用的密钥? This would perhaps amount to using a two different agents at the same time...
这可能相当于同时使用两个不同的代理......
weasel-pageant
is such a proxy agent (based on Cygwin's ssh-pageant
), for WSL (A1-C7)... still looking for a solution for PS. weasel-pageant
就是这样一个代理(基于 Cygwin 的ssh-pageant
),用于 WSL(A1-C7)......仍在寻找 PS 的解决方案。
ssh-agent-wsl
is a fork of weasel-pageant
that includes support for using keys held by Microsoft's SSH Agent service (instead of PuTTY Pageant) (A2-C7... I guess it's remarkable that WSL needs a proxy to use Win OpenSSH agent). ssh-agent-wsl
是weasel-pageant
的一个分支,包括支持使用 Microsoft 的 SSH 代理服务(而不是 PuTTY Pageant)(A2-C7 ......代理人)。
Example on how to use "Proxy" agent ssh-pageant
to link PuTTY pageant with Cygwin bash如何使用“代理”代理
ssh-pageant
将 PuTTY 选美与 Cygwin bash 链接的示例
The steps to achieve this are:实现这一目标的步骤是:
pageant
) is executed, loading at the same time one key.pageant
)被执行,同时一键加载。 For this, a shortcut pageant
is added to C:\Users\USER1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
, pointing at %myputty%\pageant.exe "%mykeys%\key1.ppk"
.pageant
添加到C:\Users\USER1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
,指向%myputty%\pageant.exe "%mykeys%\key1.ppk"
。 $ ssh myserver
Enter passphrase for key 'C:\Users\USER1/.ssh/id_rsa':
ssh-pageant
("An SSH authentication agent for Cygwin/MSYS that links OpenSSH to PuTTY's Pageant"), such that it reuses whatever keys a previously loaded PuTTY agent has.ssh-pageant
(“将 OpenSSH 链接到 PuTTY 的 Pageant 的 Cygwin/MSYS 的 SSH 身份验证代理”),这样它就可以重用之前加载的 PuTTY 代理所拥有的任何密钥。eval $(/usr/bin/ssh-pageant -r -a "/tmp/.ssh-pageant-$USERNAME")
to my ~/.bashrc
of msys2.eval $(/usr/bin/ssh-pageant -r -a "/tmp/.ssh-pageant-$USERNAME")
添加到我的~/.bashrc
的 msys2 中。 Now whenever I start an msys2 terminal, the link PuTTY's Pageant -> ssh-pageant is established, a couple of environment variables are created, and I can ssh
without entering the passwordssh
$ env | grep -i ssh
SSH_AUTH_SOCK=/tmp/.ssh-pageant-USER1
SSH_PAGEANT_PID=960
$ ssh myserver
Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-40-generic x86_64)
...
Related :相关:
http://rabexc.org/posts/pitfalls-of-ssh-agents http://rabexc.org/posts/pitfalls-of-ssh-agents
How to check if ssh-agent is already running in bash? 如何检查 ssh-agent 是否已经在 bash 中运行?
https://superuser.com/questions/1327633/how-to-maintain-ssh-agent-login-session-with-windows-10s-new-openssh-and-powers https://superuser.com/questions/1327633/how-to-maintain-ssh-agent-login-session-with-windows-10s-new-openssh-and-powers
https://superuser.com/questions/1293725/gpg-agent-under-windows-as-ssh-agent-for-git-bash https://superuser.com/questions/1293725/gpg-agent-under-windows-as-ssh-agent-for-git-bash
I made this work, using the same Cygwin tools (ie, both ssh-pageant
and Cygwin OpenSSH client) in a PS session.我在 PS session 中使用相同的 Cygwin 工具(即
ssh-pageant
和 Cygwin OpenSSH 客户端)完成了这项工作。
So I would do (assuming ssh-pageant
is already running from Msys2):所以我会这样做(假设
ssh-pageant
已经从 Msys2 运行):
> cd <dir where ssh-pageant is>
> .\ssh-pageant -r -a "$env:USERPROFILE\tmp\.ssh-pageant-$env:USERNAME"
SSH_AUTH_SOCK='C:\Users\USER1\tmp\.ssh-pageant-USER1'; export SSH_AUTH_SOCK;
> $env:SSH_AUTH_SOCK='C:\Users\USER1\tmp\.ssh-pageant-USER1'
> .\ssh myserver
Logged in to myserver
I have added this to my profile.ps1
(again, it will work when ssh-pageant
is already running when I start the PS session)我已将此添加到我的
profile.ps1
中(同样,当我启动 PS 会话时ssh-pageant
已经运行时,它将起作用)
$env:MSYS2_DIR=<mydir>
# Assuming a proxy ssh agent is already running
$env:SSH_AUTH_SOCK="$env:MSYS2_DIR\tmp\.ssh-pageant-$env:USERNAME"
# We have to make sure we use Msys2 OpenSSH ssh client, not Windows OpenSSH ssh client
function ssh_msys2 {
& $env:MSYS2_DIR\usr\bin\ssh.exe $args
}
If an ssh-pageant
is not yet active, this should work (not tested yet; the PID number may be different):如果
ssh-pageant
尚未激活,这应该可以工作(尚未测试;PID 号可能不同):
> cd <dir where ssh-pageant is>
> .\ssh-pageant -r -a "$env:USERPROFILE\tmp\.ssh-pageant-$env:USERNAME"
SSH_AUTH_SOCK='C:\Users\USER1\tmp\.ssh-pageant-USER1'; export SSH_AUTH_SOCK;
SSH_PAGEANT_PID=714; export SSH_PAGEANT_PID;
echo ssh-pageant pid 714;
> $env:SSH_AUTH_SOCK='C:\Users\USER1\tmp\.ssh-pageant-USER1'
> $env:SSH_PAGEANT_PID=714
> .\ssh myserver
Logged in to myserver
Still have to test a couple of points, and automate the operation.仍然需要测试几个点,并使操作自动化。
In particular, executing ssh-pageant
, detecting the PID # if it is returned, and setting environment variable SSH_PAGEANT_PID
from PS if that is the case.特别是,执行
ssh-pageant
,如果返回,则检测 PID #,如果是这种情况,则从 PS 设置环境变量SSH_PAGEANT_PID
。 This is a little bit more cumbersome than in Msys2, since ssh-pageant
spits something directly executable by bash.这比在 Msys2 中要麻烦一些,因为
ssh-pageant
会吐出一些可以由 bash 直接执行的东西。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.