这是"跟进"从上周开始到我的question。基本上我看到一些使用pexpect 偶尔的ssh-copy-id的python代码挂起。
我认为这可能是一个痛苦的问题,但在我能够收集一个" stacktrace"之后我不再那么肯定了。从这样一个悬念。 在这里你可以看到我的应用程序的一些痕迹;在进入超时后跟着堆栈跟踪:
> ssh-copy-id -i ~/.ssh/id_rsa.pub someuser@some.ip
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/xxx/.ssh/id_rsa.pub"
The authenticity of host 'some.ip (some.ip)' can't be established.
ECDSA key fingerprint is SHA256:7...
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
someuser@some.ip's password:
Number of key(s) added: 1
Now try logging into the machine, with: ....
所以,我觉得有点奇怪: xauth 出现在收到的消息中。
你知道,今天我创建了另一个用于测试的虚拟机;并手动完成所有设置。这是我在这样做时看到的:
if( !isset($_POST['username'], $_POST['password'], $_POST['newPassword']) ) {
throw new \InvalidArgumentException( "Incorrect data" );
}
// Check new password length
if( strlen($_POST['newPassword']) < 6 ) {
// Throw?
}
$username = $_POST["username"];
$password = $_POST["password"];
$newPassword = $_POST["newPassword"];
// You should probably do a select here and check if the user exist and return a error message if not (or you can check the affected rows).
// Also keep in mind that this enables people to bruteforce your accounts.
$statement = mysqli_prepare($con, "UPDATE user SET password = ? WHERE username = ? AND password = ?");
mysqli_stmt_bind_param($statement, "sss", $newPassword, $username, $password);
mysqli_stmt_execute($statement);
所以,让我们回顾一下:
这让我发疯了。欢迎任何想法。
答案 0 :(得分:1)
xauth
引用气味,就像你要求X11转发一样。它将在~/.ssh/config
中配置。这可能是您的配置可能导致挂起的差异。