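When sshpass is used
On macOS, sshpass is needed when running ansible commands against an inventory file that uses password authentication, or when using iTerm2 to fill in passwords automatically.
For example, the inventory file below uses the ansible_ssh_pass option: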
stephens-New-MacBook-Pro:ansible stephen$ cat test.hosts
10.10.66.66 ansible_port=22 ansible_user=root ansible_ssh_pass=test666
stephens-New-MacBook-Pro:ansible stephen$
Running the ansible command fails with a message that sshpass is missing.
stephens-New-MacBook-Pro:ansible stephen$ ansible all -i test.hosts -m ping
10.10.66.66 | FAILED! => {
"failed": true,
"msg": "to use the 'ssh' connection type with passwords, you must install the sshpass program"
}
stephens-New-MacBook-Pro:ansible stephen$
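Installing sshpass and handling common small problems
Running brew install directly is refused as insecure, and forcing the install with brew install --force does not work either.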
stephens-New-MacBook-Pro:ansible stephen$ brew install sshpass -f
Updating Homebrew...
Error: No available formula with the name "sshpass"
We won't add sshpass because it makes it too easy for novice SSH users to
ruin SSH's security.
stephens-New-MacBook-Pro:ansible stephen$
It can be installed with the following command:
brew install https://raw.githubusercontent.com/kadwanev/bigboybrew/master/Library/Formula/sshpass.rb
Contents of sshpass.rb:
require 'formula'

class Sshpass < Formula
  url 'http://sourceforge.net/projects/sshpass/files/sshpass/1.06/sshpass-1.06.tar.gz'
  homepage 'http://sourceforge.net/projects/sshpass'
  sha256 'c6324fcee608b99a58f9870157dfa754837f8c48be3df0f5e2f3accf145dee60'

  def install
    system "./configure", "--disable-debug", "--disable-dependency-tracking",
           "--prefix=#{prefix}"
    system "make install"
  end

  def test
    system "sshpass"
  end
end
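If (for well-known network reasons) brew install https://raw.githubusercontent.com/kadwanev/bigboybrew/master/Library/Formula/sshpass.rb does not work, copy the contents of the Ruby script sshpass.rb above into a local file and run brew install sshpass.rb.
Trying the install again reports that the xcode-select command line tools are missing; they can be installed with xcode-select --install.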
stephens-New-MacBook-Pro:ansible stephen$ brew install sshpass.rb
Error: Xcode alone is not sufficient on Mojave.
Install the Command Line Tools:
xcode-select --install
stephens-New-MacBook-Pro:ansible stephen$ xcode-select --install
xcode-select: note: install requested for command line developer tools
stephens-New-MacBook-Pro:ansible stephen$
After the xcode-select command line tools are installed, rerun the brew install command and sshpass installs successfully.
stephens-New-MacBook-Pro:ansible stephen$ brew install sshpass.rb
Updating Homebrew...
==> Downloading http://sourceforge.net/projects/sshpass/files/sshpass/1.06/sshpass-1.06.tar.gz
==> Downloading from https://jaist.dl.sourceforge.net/project/sshpass/sshpass/1.06/sshpass-1.06.tar.g
######################################################################## 100.0%
==> ./configure --prefix=/usr/local/Cellar/sshpass/1.06
==> make install
🍺 /usr/local/Cellar/sshpass/1.06: 9 files, 41.6KB, built in 33 seconds
You have new mail in /var/mail/stephen
stephens-New-MacBook-Pro:ansible stephen$
Test
Run the ansible ping command to test: OK.
stephens-New-MacBook-Pro:ansible stephen$ ansible all -i test.hosts -m ping
10.10.66.66 | SUCCESS => {
"changed": false,
"ping": "pong"
}
stephens-New-MacBook-Pro:ansible stephen$
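Security note
Since brew refuses to install sshpass by default, it must have a reason, and that reason is the "security" risk. Although sshpass can be installed successfully with the method in this article, in real work, and especially in production environments, this kind of authentication should be avoided as far as possible.
For example, this is how we work in production:
- All logins must go through a single entry point, the jump host / bastion host;
- Logins to the jump host / bastion host and to the target machines all use key authentication, and the keys must be salted;
- Users log in to the jump host / bastion host with SSH agent forwarding enabled; the user's private key is stored only on the user's local machine, and only the user's public key is stored on the jump host / bastion host and on the target machines;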
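
To find inventories that still depend on sshpass, the script below flags plaintext password variables in INI-style inventory files like test.hosts. It is an added example, not part of the original post; the function names and the sample inventory are constructed here, and YAML inventories are not covered.

```shell
#!/bin/sh
# Added example (not from the original post).
# audit_inventory FILE...
# Prints "file:line host variable" for each finding, never the secret.
# Returns 1 if anything was found, 0 if the files are clean.
audit_inventory() {
    awk '
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }      # skip comments and blank lines
    /^[ \t]*\[/ { section = $0; next }         # remember [group] / [group:vars]
    {
        # Lines in a [group:vars] section have no host column.
        host = (section ~ /:vars\]/) ? section : $1
        rest = " " $0                          # so a leading variable also matches
        while (match(rest, /[ \t]ansible_(ssh_pass|password|become_pass|become_password)[ \t]*=[ \t]*/)) {
            var = substr(rest, RSTART, RLENGTH)
            gsub(/[ \t]|=.*/, "", var)         # keep only the variable name
            rest = substr(rest, RSTART + RLENGTH)
            # A Jinja reference such as {{ vault_root_pass }} points at a
            # vaulted variable, so it is not a plaintext secret.
            if (rest ~ /^["]?[{][{]/) continue
            printf "%s:%d %s %s\n", FILENAME, FNR, host, var
            found = 1
        }
    }
    END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample inventory (all values are made up for this example).
write_sample_inventory() {
    cat > "$1" <<'EOF'
# constructed sample
10.10.66.66 ansible_port=22 ansible_user=root ansible_ssh_pass=test666
10.10.66.67 ansible_user=deploy ansible_ssh_private_key_file=~/.ssh/id_ed25519
[db:vars]
ansible_become_password = hunter2
ansible_password={{ vault_db_password }}
EOF
}

# With arguments: audit those files. Without: run on the constructed sample.
if [ "$#" -gt 0 ]; then
    audit_inventory "$@"
else
    demo=$(mktemp) && write_sample_inventory "$demo"
    audit_inventory "$demo" || true            # findings are expected here
    rm -f "$demo"
fi
```

Run it with inventory paths as arguments in a pre-commit hook or CI job; a non-zero exit status means at least one host or group still carries a plaintext password.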