问题
On a typical Unix system, if I try passing a raw password into SSH through a pipe I will get an error like
$ echo password | ssh user@host
Pseudo-terminal will not be allocated because stdin is not a terminal.
The exact same thing will work with keyboard input which as I understand is provided over stdin in exactly the same manner.
I'm not interested in passing a raw password to SSH (this would be terrible for too many reasons to list)
I want to understand what's different in this case between the stdin from a keyboard and the stdin from a Unix pipe.
EDIT: I am aware of the existence of SSH keys and how to use them. I am also aware that passing a plaintext password to ssh is a bad idea. This question is only about understanding what is happening differently between stdin from a pipe and the stdin from a keyboard.
回答1:
As mentioned in the other answer, security is the reason.
From technical point of view, by doing echo password | ssh user@host, you push the string to pipe and the characters are waiting on the ssh side to be read. But most of password prompts truncate this input before showing prompt (and modifying it to not-show the characters -- described later).
To answer the final question about difference, both are some kind of pipes, but when you have terminal on the other side, you can communicate with this side using control characters and you can reading/setting specific properties of the terminal, which both obviously fails on normal pipe from echo.
The error message is caused by the fact, that when you read the password from terminal, you modify terminal properties, so it will not show characters written (so called raw mode). And if the ssh program can't communicate with the terminal it fails like this.
来源:https://stackoverflow.com/questions/33159491/why-doesnt-ssh-work-with-a-piped-password-on-stdin