Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Can I forward env variables over ssh?

I work with several different servers, and it would be useful to be able to set some environment variables such that they are active on all of them when I SSH in. The problem is, the contents of some of the variables contain sensitive information (hashed passwords), and so I don't want to leave it lying around in a .bashrc file -- I'd like to keep it only in memory.

I know that you can use SSH to forward the DISPLAY variable (via ForwardX11) or an SSH Agent process (via ForwardAgent), so I'm wondering if there's a way to automatically forward the contents of arbitrary environment variables across SSH connections. Ideally, something I could set in a .ssh/config file so that it would run automatically when I need it to. Any ideas?

like image 433
singingwolfboy Avatar asked Dec 10 '10 14:12

singingwolfboy


People also ask

How do I export a .env variable?

To set an environment variable everytime, use the export command in the . bashrc file (or the appropriate initialization file for your shell). To set an environment variable from a script, use the export command in the script, and then source the script. If you execute the script it will not work.

How do I export an environment variable in terminal?

To set an environment variable, use the command " export varname=value ", which sets the variable and exports it to the global environment (available to other processes). Enclosed the value with double quotes if it contains spaces. To set a local variable, use the command " varname =value " (or " set varname =value ").

How do you inject environment variables?

We can install and use the EnvInject plugin to inject environment variables during the build startup. In the build configuration window, we select the “Inject environment variables” option in the “Add build step” combo box. We can then add the required environment variables in the properties content text box.

Can environment variables change during execution?

No. This is not possible. One process can never directly manipulate the environment of a different already-running process.


1 Answers

You can, but it requires changing the server configuration.

Read the entries for AcceptEnv in sshd_config(5) and SendEnv in ssh_config(5).

update:

You can also pass them on the command line:

ssh foo@host "FOO=foo BAR=bar doz" 

Regarding security, note than anybody with access to the remote machine will be able to see the environment variables passed to any running process.

If you want to keep that information secret it is better to pass it through stdin:

cat secret_info | ssh foo@host remote_program 
like image 78
salva Avatar answered Oct 02 '22 17:10

salva