bash:while read loop - 如果有变量sshpass则停止

时间:2013-12-10 04:44:13

标签: bash while-loop

我的bash脚本有问题。我逐行读取变量lvm_path_exec,这是有效的。我用echo“lvmpath”确认了它。 但是,只要我将sshpass命令放入while语句,脚本就会处理第一行被grepped。

如果没有sshpass命令,则会处理所有lvmpath_exec行。

你看到错误吗? 

lvmpath_exec=$(sshpass -p "${password[$i]}"  ssh ${user[$i]}@${ip[$i]} -p ${port[$i]}  lvdisplay | grep datatest -A 3 | grep Path | awk '{ print $3 }') 

echo "$lvmpath_exec" | while read lvmpath
do
lvmname=datatest
snap=_snapshot
snapname=$lvmname$snap

lvcreate=$(sshpass -p "${password[$i]}"  ssh ${user[$i]}@${ip[$i]} -p ${port[$i]}  lvcreate -L20G -s -n $snapname $lvmpath)

snap_path=$(sshpass -p "${password[$i]}"  ssh ${user[$i]}@${ip[$i]} -p ${port[$i]}  lvdisplay | grep $snapname -A 3 | grep Path | awk '{ print $3 }')

transfer=$(sshpass -p "${password[$i]}"  ssh ${user[$i]}@${ip[$i]} -p ${port[$i]} "dd if=$snap_path | gzip -c" > /tmp/$snapname)

delsnap=$(sshpass -p "${password[$i]}"  ssh ${user[$i]}@${ip[$i]} -p ${port[$i]} lvremove -f $snap_path)

done

更新

我修好了: 取代

echo "$lvmpath_exec" | while read lvmpath


for lvmpath in $lvmpath_exec

但是在阅读的时候它也不适用吗?

2 个答案:

答案 0 :(得分:1)

sshpass通过操纵stdin来欺骗ssh以使其认为从交互式用户获取密码。当您使用... | while样式循环时,循环会对来自stdin的每一行进行迭代,sshpass在第一次调用后将其清除,这就是为什么只有第一行被执行的原因。 for循环不使用stdin,这就是它没有这个问题的原因。

正如man sshpass所解释的那样,这个工具本质上是不安全的,你应该真正使用公钥认证。还要记住,它有其他传递密码的方法,使用-p标志是最不安全的方法,任何其他方法都会更安全,例如-e标志似乎很容易。我知道你可能会坚持认为你有一个合法的用例,但这非常重要我只想引用手册页:

   First  and  foremost, users of sshpass should realize that ssh's insis‐
   tance on only getting the password interactively is not without reason.
   It  is close to impossible to securely store the password, and users of
   sshpass should consider whether ssh's public  key  authentication  pro‐
   vides  the  same  end-user  experience, while involving less hassle and
   being more secure.

   The -p option should be considered the least secure of all of sshpass's
   options.   All  system  users  can see the password in the command line
   with a simple "ps" command. Sshpass makes a minimal attempt to hide the
   password,  but such attempts are doomed to create race conditions with‐
   out actually solving the problem. Users of sshpass  are  encouraged  to
   use  one  of  the other password passing techniques, which are all more
   secure.

答案 1 :(得分:0)

你试过这个......虽然没有尝试过

export SSHPASS=password[$i]
sshpass -e ssh -oBatchMode=no user[$i]@{ip[$i]} ..
相关问题
最新问题