英文:
How can you modify files programmatically over SSH without using shell commands?
问题
我正在编写一个工具,其中需要能够通过SSH连接修改文件。然而,由于安全问题(简而言之:字符串转义非常困难),我不想在远程服务器上调用CLI工具。我应该如何使用(a)ssh命令行工具(在本地调用),或者(b)golang.org/x/crypto/ssh/*包来实现这一点?
**编辑:**抱歉,我忘记提到。我需要在单个会话中完成所有操作。在某些客户端上,被连接的服务器位于负载均衡器后面,因此如果我进行多次调用,可能会连接到不同的服务器。
英文:
I'm writing a tool which, among other things, needs to be able to modify files over an SSH connection. However, I don't want to have to invoke CLI tools on the remote server due to security concerns (TL;DR: string escaping is really hard). How can I do this with either (a) the ssh command-line tool (invoked locally) or, (b), the golang.org/x/crypto/ssh/* packages?
EDIT: Sorry, I forgot to mention. I need to be able to do this all within a single session. On some clients, the server being connected to is behind a load balancer, so if I make multiple invocations, I might end up connecting to different servers.
答案1
得分: 1
我不确定你打算如何做到这一点。SSH是一个非常严格的协议,它允许你执行特定的操作:文件传输和终端连接。
你可以在这里查看不同SSH服务器的功能:https://en.wikipedia.org/wiki/Comparison_of_SSH_servers#Features
但是SSH只是一个协议:一组SSH服务器(与SSH客户端相对应,即你的Go程序)将理解的命令集。
如果你想执行特定的操作,我建议你构建自己的服务器,并使用诸如SSL或TLS等加密技术来保护它,然后让你的客户端连接到该服务器。
PS:这个问题与Go语言关系不大,更多地与SSH相关,因为对于任何语言来说,它的工作方式都是相同的。
英文:
I am not sure how you plan on doing that. SSH is a very strict protocol which allows you to do specific things: file transfer and terminal connection.
You can see here the features different ssh servers have: https://en.wikipedia.org/wiki/Comparison_of_SSH_servers#Features
But SSH is just a protocol: a set of commands the SSH server (as opposed to the SSH client, which would be your go program) will understand.
If you want to do specific actions, I recommend you to build your own server, that you secure using encryption technologies such as SSL or TLS, to which your client will connect.
PS: This question is not really Go-related, but more SSH related, as it works the same for any language.
答案2
得分: 1
建立一个保持活动状态的ssh主连接。然后,您可以通过主连接进行隧道传输,将文件下载到本地主机,进行修改,然后再次使用scp上传。
参考链接:https://unix.stackexchange.com/a/2869
英文:
Establish a master connection with ssh that you keep alive. Then you can download the file to your localhost, modify it and upload it again using scp while tunneling through the master connection.
答案3
得分: 0
通过SSH操作文件的最便携方式是使用SFTP协议。SFTP主要用于文件传输,但实际上它是一个远程文件系统协议。它具有在远程系统上执行以下操作的功能:
- 创建、删除和重命名文件
- 打开文件进行读取或写入;在文件内读取和写入数据块。
- 列出目录内容
- 读取和更改文件属性
SFTP使用POSIX(类Unix)命名方案。文件分隔符为“/”,绝对路径以“/”开头。文件属性也遵循POSIX模型。
英文:
The most portable way to manipulate files through SSH is to use the SFTP protocol. SFTP is mostly used to transfer files, but it's really a remote filesystem protocol. It has operations to do all of the following on the remote system:
- Create, delete, and rename files
- Open files for reading or writing; read and write blocks of data within a file.
- List directory contents
- Read and change file attributes
SFTP exposes a POSIX (unix-like) naming scheme. The file separator is a "/" and absolute paths start with "/". File attributes also follow the POSIX model.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论