[英]Script called from ~/.ssh/config loses TTY
I'm using a site-specific authentication script that issues a 24-hour certificate for password-less login.我正在使用一个特定于站点的身份验证脚本,该脚本为无密码登录颁发 24 小时证书。 What I'm trying to do is rig my ~/.ssh/config
so ssh
triggers the script if the certificate has expired:我正在尝试做的是装配我的~/.ssh/config
以便ssh
在证书过期时触发脚本:
Match originalhost remotehost.site exec "test $(file.age ~/.ssh/certificate) -ge 86400" exec ~/bin/authentication_script
This almost works -- it tests the age of the latest certificate file ok, and invokes the authentication_script
if it's out-of-date.这几乎可以工作 - 它测试最新证书文件的年龄,如果它已经过时,则调用authentication_script
。 The problem is that this script is using TTY read
operations to take the password input, and giving these errors:问题是该脚本使用 TTY read
操作来获取密码输入,并给出以下错误:
stty: 'standard input': Inappropriate ioctl for device
stty: 'standard input': Inappropriate ioctl for device
authentication_script: The sshproxy server said: Authentication failed. Failed login: myname:
authentication_script: This usually means you did not enter the correct password or OTP:
stty: 'standard input': Inappropriate ioctl for device
stty: 'standard input': Inappropriate ioctl for device
stty: 'standard input': Inappropriate ioctl for device
authentication_script: The sshproxy server said: Authentication failed. Failed login: myname:
authentication_script: This usually means you did not enter the correct password or OTP:
stty: 'standard input': Inappropriate ioctl for device
This doesn't happen when I run the script on the command-line from a regular login session.当我从常规登录 session 在命令行上运行脚本时,不会发生这种情况。 Is there some mode that I can flip to get it to work?是否有某种模式可以翻转以使其正常工作?
I've been told that exec
disables the stdin
/ stdout
, and referred to here:我被告知exec
禁用了stdin
/ stdout
,并在这里提到:
https://unix.stackexchange.com/questions/674759/how-to-make-ssh-config-match-host-exec-inherit-current-shells-tty-name https://unix.stackexchange.com/questions/674759/how-to-make-ssh-config-match-host-exec-inherit-current-shells-tty-name
But for my purposes, I am able to use PTY operations to control the I/O:但出于我的目的,我可以使用 PTY 操作来控制 I/O:
PTY=$(ps --no-headers $$ | xargs index 2)
printf "Enter the password}: " > /dev/$PTY
read -r -s pw < /dev/$PTY
(The index
operation is just my script to return the nth item from a list) ( index
操作只是我从列表中返回第 n 项的脚本)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.