Plink (PuTTY Link) is a command-line connection tool similar to UNIX ssh
. It is mostly used for automated operations, such as making CVS access a repository on a remote server.
Plink is probably not what you want if you want to run an interactive session in a console window.
7.1 Starting Plink
Plink is a command line application. This means that you cannot just double-click on its icon to run it and instead you have to bring up a console window. In Windows 95, 98, and ME, this is called an ÿMS-DOS Promptÿ, and in Windows NT and 2000 it is called a ÿCommand Promptÿ. It should be available from the Programs section of your Start Menu.
In order to use Plink, the file plink.exe
will need either to be on your PATH
or in your current directory. To add the directory containing Plink to your PATH
environment variable, type into the console window:
set PATH=C:\path\to\putty\directory;%PATH%
This will only work for the lifetime of that particular console window. To set your PATH
more permanently on Windows NT, use the Environment tab of the System Control Panel. On Windows 95, 98, and ME, you will need to edit your AUTOEXEC.BAT
to include a set
command like the one above.
7.2 Using Plink
This section describes the basics of how to use Plink for interactive logins and for automated processes.
Once you've got a console window to type into, you can just type plink
on its own to bring up a usage message. This tells you the version of Plink you're using, and gives you a brief summary of how to use Plink:
Z:\sysosd>plink PuTTY Link: command-line connection utility Release 0.56 Usage: plink [options] [user@]host [command] ("host" can also be a PuTTY saved session name) Options: -V print version information -v show verbose messages -load sessname Load settings from saved session -ssh -telnet -rlogin -raw force use of a particular protocol -P port connect to specified port -l user connect with specified username -m file read remote command(s) from file -batch disable all interactive prompts The following options only apply to SSH connections: -pw passw login with specified password -D [listen-IP:]listen-port Dynamic SOCKS-based port forwarding -L [listen-IP:]listen-port:host:port Forward local port to remote address -R [listen-IP:]listen-port:host:port Forward remote port to local address -X -x enable / disable X11 forwarding -A -a enable / disable agent forwarding -t -T enable / disable pty allocation -1 -2 force use of particular protocol version -C enable compression -i key private key file for authentication -s remote command is an SSH subsystem (SSH-2 only) -N don't start a shell/command (SSH-2 only)
Once this works, you are ready to use Plink.
7.2.1 Using Plink for interactive logins
To make a simple interactive connection to a remote server, just type plink
and then the host name:
Z:\sysosd>plink login.example.com Debian GNU/Linux 2.2 flunky.example.com flunky login:
You should then be able to log in as normal and run a session. The output sent by the server will be written straight to your command prompt window, which will most likely not interpret terminal control codes in the way the server expects it to. So if you run any full-screen applications, for example, you can expect to see strange characters appearing in your window. Interactive connections like this are not the main point of Plink.
In order to connect with a different protocol, you can give the command line options -ssh
, -telnet
, -rlogin
or -raw
. To make an SSH connection, for example:
Z:\sysosd>plink -ssh login.example.com login as:
If you have already set up a PuTTY saved session, then instead of supplying a host name, you can give the saved session name. This allows you to use public-key authentication, specify a user name, and use most of the other features of PuTTY:
Z:\sysosd>plink my-ssh-session Sent username "fred" Authenticating with public key "fred@winbox" Last login: Thu Dec 6 19:25:33 2001 from :0.0 fred@flunky:~$
7.2.2 Using Plink for automated connections
More typically Plink is used with the SSH protocol, to enable you to talk directly to a program running on the server. To do this you have to ensure Plink is using the SSH protocol. You can do this in several ways:
- Use the
-ssh
option as described in section 7.2.1. - Set up a PuTTY saved session that describes the server you are connecting to, and that also specifies the protocol as SSH.
- Set the Windows environment variable
PLINK_PROTOCOL
to the wordssh
.
Usually Plink is not invoked directly by a user, but run automatically by another process. Therefore you typically do not want Plink to prompt you for a user name or a password.
Next, you are likely to need to avoid the various interactive prompts Plink can produce. You might be prompted to verify the host key of the server you're connecting to, to enter a user name, or to enter a password.
To avoid being prompted for the server host key when using Plink for an automated connection, you should first make amanual connection (using either of PuTTY or Plink) to the same server, verify the host key (see section 2.2 for more information), and select Yes to add the host key to the Registry. After that, Plink commands connecting to that server should not give a host key prompt unless the host key changes.
To avoid being prompted for a user name, you can:
- Use the
-l
option to specify a user name on the command line. For example,plink login.example.com -l fred
. - Set up a PuTTY saved session that describes the server you are connecting to, and that also specifies the username to log in as (see section 4.13.3).
To avoid being prompted for a password, you should almost certainly set up public-key authentication. (See chapter 8 for a general introduction to public-key authentication.) Again, you can do this in two ways:
- Set up a PuTTY saved session that describes the server you are connecting to, and that also specifies a private key file (see section 4.18.5). For this to work without prompting, your private key will need to have no passphrase.
- Store the private key in Pageant. See chapter 9 for further information.
Once you have done all this, you should be able to run a remote command on the SSH server machine and have it execute automatically with no prompting:
Z:\sysosd>plink login.example.com -l fred echo hello, world hello, world Z:\sysosd>
Or, if you have set up a saved session with all the connection details:
Z:\sysosd>plink mysession echo hello, world hello, world Z:\sysosd>
Then you can set up other programs to run this Plink command and talk to it as if it were a process on the server machine.
7.2.3 Plink command line options
Plink accepts all the general command line options supported by the PuTTY tools. See section 3.7.3 for a description of these options.
Plink also supports some of its own options. The following sections describe Plink's specific command-line options.
7.2.3.1 -batch
: disable all interactive prompts
If you use the -batch
option, Plink will never give an interactive prompt while establishing the connection. If the server's host key is invalid, for example (see section 2.2), then the connection will simply be abandoned instead of asking you what to do next.
This may help Plink's behaviour when it is used in automated scripts: using -batch
, if something goes wrong at connection time, the batch job will fail rather than hang.
7.2.3.2 -s
: remote command is SSH subsystem
If you specify the -s
option, Plink passes the specified command as the name of an SSH ÿsubsystemÿ rather than an ordinary command line.
(This option is only meaningful with the SSH-2 protocol.)
7.3 Using Plink in batch files and scripts
Once you have set up Plink to be able to log in to a remote server without any interactive prompting (see section 7.2.2), you can use it for lots of scripting and batch purposes. For example, to start a backup on a remote machine, you might use a command like:
plink root@myserver /etc/backups/do-backup.sh
Or perhaps you want to fetch all system log lines relating to a particular web area:
plink mysession grep /~fred/ /var/log/httpd/access.log > fredlog
Any non-interactive command you could usefully run on the server command line, you can run in a batch file using Plink in this way.
7.4 Using Plink with CVS
To use Plink with CVS, you need to set the environment variable CVS_RSH
to point to Plink:
set CVS_RSH=\path\to\plink.exe
You also need to arrange to be able to connect to a remote host without any interactive prompts, as described in section 7.2.2.
You should then be able to run CVS as follows:
cvs -d :ext:user@sessionname:/path/to/repository co module
If you specified a username in your saved session, you don't even need to specify the ÿuserÿ part of this, and you can just say:
cvs -d :ext:sessionname:/path/to/repository co module
7.5 Using Plink with WinCVS
Plink can also be used with WinCVS. Firstly, arrange for Plink to be able to connect to a remote host non-interactively, as described in section 7.2.2.
Then, in WinCVS, bring up the ÿPreferencesÿ dialogue box from the Admin menu, and switch to the ÿPortsÿ tab. Tick the box there labelled ÿCheck for an alternate rsh
nameÿ and in the text entry field to the right enter the full path to plink.exe
. Select ÿOKÿ on the ÿPreferencesÿ dialogue box.
Next, select ÿCommand Lineÿ from the WinCVS ÿAdminÿ menu, and type a CVS command as in section 7.4, for example:
cvs -d :ext:user@hostname:/path/to/repository co module
or (if you're using a saved session):
cvs -d :ext:user@sessionname:/path/to/repository co module
Select the folder you want to check out to with the ÿChange Folderÿ button, and click ÿOKÿ to check out your module. Once you've got modules checked out, WinCVS will happily invoke plink from the GUI for CVS operations.
用 Plink 更方便快捷的执行远程主机上的命令
Plink 是 PuTTY 的命令行连接工具,主要用于自动化工作的处理。
直接在控制台执行 plink,可以看到 Plink 的帮助
C:\>plink
PuTTY Link: command-line connection utility
Release 0.58
Usage: plink [options] [user@]host [command]
("host" can also be a PuTTY saved session name)
Options:
-V print version information and exit
-pgpfp print PGP key fingerprints and exit
-v show verbose messages
-load sessname Load settings from saved session
-ssh -telnet -rlogin -raw
force use of a particular protocol
-P port connect to specified port
-l user connect with specified username
-batch disable all interactive prompts
The following options only apply to SSH connections:
-pw passw login with specified password
-D [listen-IP:]listen-port
Dynamic SOCKS-based port forwarding
-L [listen-IP:]listen-port:host:port
Forward local port to remote address
-R [listen-IP:]listen-port:host:port
Forward remote port to local address
-X -x enable / disable X11 forwarding
-A -a enable / disable agent forwarding
-t -T enable / disable pty allocation
-1 -2 force use of particular protocol version
-4 -6 force use of IPv4 or IPv6
-C enable compression
-i key private key file for authentication
-m file read remote command(s) from file
-s remote command is an SSH subsystem (SSH-2 only)
-N don't start a shell/command (SSH-2 only)
C:\>
看上去 Plink 的使用方法、参数与PSCP、PSFTP都很类似。
- -P port 指定服务器的 SSH 端口,注意这个是大写字母 P,默认是 -P 22,如果主机的 SSH 端口就是 22,就不用指定了
- -l user 指定以哪个用户的身份登录主机,如果没有指定,则 PSCP 会在 PuTTY 保存的同名 Session 中获得默认的用户名称。用户名称也可以和主机名称写在一起,用 @ 分割开,比如:username@server
- -pw passwd 指定登录时所用的口令为 passwd
- -i keyfile 就是指定登录时所用的密钥文件
- -m file 如果执行的命令很多的话,可以把命令写到文件中,然后用这个参数来指定
还是用一些实际的例子来说明一下 Plink 吧
还记得前面说到 PuTTY 的自动执行命令那个配置么?在说到那个配置的时候,我们演示了一个简单的 Tomcat 重新启动的命令,这个命令是要写在 PuTTY 的 Remote command 里面去。现在我们用 Plink 来实现同样的功能:
假设连接的主机是 192.168.6.200,SSH 的端口是 3022,用户是 taylor:
plink -P 3022 taylor@192.168.6.200 export CATALINA_HOME="~/apache-tomcat-5.5.17";export JAVA_HOME="~/jdk1.5.0_07";export PATH=$JAVA_HOME/bin;$PATH ; cd $CATALINA_HOME/bin;./shutdown.sh;./startup.sh;tail -f $CATALINA_HOME/logs/catalina.out
如果在 PuTTY 中保存了一个名为 192.168.6.200 的会话,注意,这个会话的名称与主机 IP 一样,在会话中已经正确保存了端口 3022,指定了默认的用户是 taylor,现在这个命令就可以简化为:
plink 192.168.6.200 export CATALINA_HOME="~/apache-tomcat-5.5.17";export JAVA_HOME="~/jdk1.5.0_07";export PATH=$JAVA_HOME/bin;$PATH ; cd $CATALINA_HOME/bin;./shutdown.sh;./startup.sh;tail -f $CATALINA_HOME/logs/catalina.out
用 date 命令查看一下主机上的时间,并且格式化输出:
plink 192.168.6.200 date "+%F %T"
大家实际执行一下命令看看,会发现,这个命令并没有返回我们期望的结果,而是返回了一个错误:
C:\>plink 192.168.6.200 date "+%F %T"
date: too many non-option arguments: %T
Try `date --help' for more information.
可是在服务器上直接执行命令 date "+%F %T",的确是正确无误的,哪里出了问题呢?这是因为Windows的控制台会把两个双引号之间的字符串作为一个参数传递给被执行的程序,而不会把双引号也传递给程序。我们做这样一个小小的实验来说明一下这个问题:
比如在 c:\tmp 文件夹里建立三个文件夹,名称分别为:"foo"、"bar"、"foo bar"。然后在 foo 这个文件夹里面建立一个名为“foo.log”的空文件,在“bar”这个文件夹里建立一个名为“bar.log”的空文件,在“foo bar”这个文件夹里建立一个名为“foo-bar.log”的空文件。
然后在控制台下进入 c:\tmp 这个文件夹,执行如下命令:
dir foo bar
结果是列出“foo bar”这个文件夹里的内容,还是分别列出“foo”和“bar”文件夹里的东西呢?正确答案是后者。
要想正确列出“foo bar”文件夹里的东西,就需要用双引号把"foo bar"引起来
C:\tmp>dir foo bar
Volume in drive C is System
Volume Serial Number is 9C51-A51C
Directory of C:\tmp\foo
2006-11-22 09:48 <DIR> .
2006-11-22 09:48 <DIR> ..
2006-11-16 11:58 0 foo.log
1 File(s) 0 bytes
Directory of C:\tmp\bar
2006-11-22 09:48 <DIR> .
2006-11-22 09:48 <DIR> ..
2006-11-16 11:58 0 bar.log
1 File(s) 0 bytes
2 Dir(s) 1,107,345,408 bytes free
C:\tmp>dir "foo bar"
Volume in drive C is System
Volume Serial Number is 9C51-A51C
Directory of C:\tmp\foo bar
2006-11-22 09:48 <DIR> .
2006-11-22 09:48 <DIR> ..
2006-11-16 11:58 0 foo-bar.log
1 File(s) 0 bytes
2 Dir(s) 1,107,345,408 bytes free
C:\tmp>
说到这里,就会明白上面的那个命令 plink 192.168.6.200 date "+%F %T" 其实在主机上执行的真实命令是 date +%F %T,而不是命令行中指定的 date "+%F %T"。不过还好,Windows 的控制台可不认得单引号,所以上面那个命令的正确用法应该是:
c:\>plink 192.168.6.200 date '+%F %T'
2006-11-22 09:39:57
我经常需要登录到服务器上把 ADSL 重新拨号,可以把下面的命令写到一个文本文件中,比如保存到了 C:\adsl-restart.command.txt
echo "stoping..."
/sbin/adsl-stop
echo "starting..."
/sbin/adsl-start
echo "done."
/sbin/adsl-status
然后执行如下命令:
plink -m c:\adsl-restart.command.txt root@192.168.6.251
我经常要查看 Tomcat 的运行日志
plink taylor@192.168.6.200 tail -f ~/apache-tomcat-5.5.17/logs/catalina.out
每天都要看服务器上的剩余空间,就用这个命令:
plink taylor@192.168.6.200 df -k
假设 www.chaifeng.com 连接着另外一个网段 10.204.26.0,有台内网IP 为 10.204.26.21 的 Solaris 8主机只能用 telnet 登录,为了防止被监听,我们可以用 Plink 建立一个隧道,隧道开放 120 秒钟,如果隧道没有被使用,就自动断开连接,然后我们在本地就可以用命令 telnet localhost 2623 的安全登录那台 Solaris 8 主机了。
plink -L 2623:10.204.26.21:23 www.chaifeng.com sleep 120
在主机 www.chaifeng.com 上正在运行着 tor,默认的监听地址是 127.0.0.1:9050,用 Plink 建立一个隧道,然后浏览器上配置代理服务器为 127.0.0.1,端口是 9050,这样就能够安全的使用 tor 代理了,不用担心从我们的机器到主机 www.chaifeng.com 有被监听的可能了。
plink -C -N -L 9050:127.0.0.1:9050 taylor@www.chaifeng.com
结合上 PSCP 我们还可以完成文件的每天备份
plink taylor@192.168.6.200 tar jcf $(date '+documents.%F.tar.bz2') ~/documents
pscp taylor@192.168.6.200:$(date '+documents.%F.tar.bz2') c:\backup\
plink taylor@192.168.6.200 rm -f $(date '+documents.%F.tar.bz2')
如果把这些常用的操作写成批处理文件,到时候要重启一下 Tomcat,或者马上察看一下 Tomcat 日志,再或者只是要把 ADLS 重新拨号以下,只需要用鼠标一双击这个批处理文件,稍等一下就自动完成了。不比你打开 PuTTY,登录到服务器上,然后再一个一个的执行命令,最后还得注销来的方便快捷么?