update document

trzsz · Dec 30, 2023 · 6464446 · 6464446
1 parent 9bc9a81
commit 6464446
Show file tree

Hide file tree

Showing 2 changed files with 73 additions and 15 deletions.
diff --git a/cn/ssh.md b/cn/ssh.md
@@ -233,10 +233,10 @@ _`~/` 代表 HOME 目录。在 Windows 中，请将下文的 `~/` 替换成 `C:\
 
   ```
   Host auto
-      #!! ExpectCount 3  # 配置自动交互的次数，默认是 0 即无自动交互
+      #!! ExpectCount 5  # 配置自动交互的次数，默认是 0 即无自动交互
       #!! ExpectTimeout 30  # 配置自动交互的超时时间（单位：秒），默认是 30 秒
       #!! ExpectPattern1 *assword  # 配置第一个自动交互的匹配表达式
-      # 配置第一个自动输入（密文），填 tssh --enc-secret 编码后的字符串，会自动发送 \r 回车
+      # 配置第一个自动输入（密文），这是由 tssh --enc-secret 编码得到的字符串，tssh 会自动发送 \r 回车
       #!! ExpectSendPass1 d7983b4a8ac204bd073ed04741913befd4fbf813ad405d7404cb7d779536f8b87e71106d7780b2
       #!! ExpectPattern2 hostname*$  # 配置第二个自动交互的匹配表达式
       #!! ExpectSendText2 echo tssh expect\r  # 配置第二个自动输入（明文），需要指定 \r 才会发送回车
@@ -247,10 +247,16 @@ _`~/` 代表 HOME 目录。在 Windows 中，请将下文的 `~/` 替换成 `C:\
       #!! ExpectSendText3 ssh xxx\r  # 配置第三个自动输入，也可以换成 ExpectSendPass3 然后配置密文
       #!! ExpectCaseSendText3 yes/no y\r  # 在 ExpectPattern3 匹配之前，若遇到 yes/no 则发送 y 并回车
       #!! ExpectCaseSendText3 y/n yes\r   # 在 ExpectPattern3 匹配之前，若遇到 y/n 则发送 yes 并回车
-      #!! ExpectCaseSendPass3 token d7... # 在 ExpectPattern3 匹配之前，若遇到 token 则解码并发送 d7...
+      #!! ExpectCaseSendPass3 token d7... # 在 ExpectPattern3 匹配之前，若遇到 token 则解码 d7... 并发送
+      # --------------------------------------------------
+      #!! ExpectPattern4 token:  # 配置第四个自动交互的匹配表达式（这里以动态密码举例）
+      #!! ExpectSendOtp4 oathtool --totp -b xxxxx  # 配置获取动态密码的命令（明文）
+      #!! ExpectPattern5 token:  # 配置第五个自动交互的匹配表达式（这里以动态密码举例）
+      # 下面是运行 tssh --enc-secret 输入命令 oathtool --totp -b xxxxx 得到的密文串
+      #!! ExpectSendEncOtp5 77b4ce85d087b39909e563efb165659b22b9ea700a537f1258bdf56ce6fdd6ea70bc7591ea5c01918537a65433133bc0bd5ed3e4
   ```
 
-  - 使用 `tssh --debug` 登录，可以看到 `expect` 捕获到的输出，以及其匹配结果和自动输入的交互。
+  - 配置 `ExpectCount` 大于 `0` 之后，使用 `tssh --debug` 登录，可以看到 `expect` 捕获到的输出。
 
 ## 记住密码
 
@@ -315,7 +321,7 @@ _`~/` 代表 HOME 目录。在 Windows 中，请将下文的 `~/` 替换成 `C:\
 
 - 除了私钥和密码，还有一种登录方式，英文叫 keyboard interactive ，是服务器返回一些问题，客户端提供正确的答案就能登录，很多自定义的一次性密码就是利用这种方式实现的。
 
-- 如果答案是固定不变的，`tssh` 支持“记住答案”。大部分都是只有一个问题，只要配置 `QuestionAnswer1` 即可。对于有多个问题的，每个问题答案可按序号进行配置，也可以按问题的 hex 编码进行配置。
+- 对于只有一个问题，且答案（密码）固定不变的，只要配置 `QuestionAnswer1` 即可。对于有多个问题的，可以按问题的序号进行配置，也可以按问题的 hex 编码进行配置。
 
 - 使用 `tssh --debug` 登录，会输出问题的 hex 编码，从而知道该如何使用 hex 编码进行配置。配置举例：
 
@@ -336,8 +342,27 @@ _`~/` 代表 HOME 目录。在 Windows 中，请将下文的 `~/` 替换成 `C:\
       636f64653a20 my_code  # 其中 `636f64653a20` 是问题 `code: ` 的 hex 编码, `my_code` 是明文答案
   ```
 
+- 对于可以通过命令行获取到的动态密码，则可以如下配置（同样支持按序号或 hex 编码进行配置）：
+
+  ```
+  Host otp
+      OtpCommand1 oathtool --totp -b xxxxx  # 按序号配置获取动态密码的命令
+      otp636f64653a20 oathtool --totp -b xxxxx  # 按 `code: ` 的 hex 编码 `636f64653a20` 配置获取动态密码的命令
+      # 下面是运行 tssh --enc-secret 输入命令 oathtool --totp -b xxxxx 得到的密文串，加上 `enc` 前缀进行配置
+      encOtpCommand2 77b4ce85d087b39909e563efb165659b22b9ea700a537f1258bdf56ce6fdd6ea70bc7591ea5c01918537a65433133bc0bd5ed3e4
+      encotp636f64653a20 77b4ce85d087b39909e563efb165659b22b9ea700a537f1258bdf56ce6fdd6ea70bc7591ea5c01918537a65433133bc0bd5ed3e4
+  ```
+
 - 如果启用了 `ControlMaster` 多路复用，或者是在 `Warp` 终端，请参考前面 `自动交互` 加 `Ctrl` 前缀来实现。
 
+  ```
+  Host ctrl_otp
+      #!! CtrlExpectCount 1  # 配置自动交互的次数，一般只要输入一次密码
+      #!! CtrlExpectPattern1 token:  # 配置密码提示语的匹配表达式（这里以动态密码举例）
+      #!! CtrlExpectSendOtp1 oathtool --totp -b xxxxx  # 配置获取动态密码的命令（明文）
+      #!! CtrlExpectSendEncOtp1 77b4ce85d0...  # 或者配置 tssh --enc-secret 得到的密文串
+  ```
+
 ## 可选配置
 
 - 支持在 `~/.tssh.conf`（ Windows 是 `C:\Users\your_name\.tssh.conf` ）中进行以下自定义配置：
@@ -364,6 +389,10 @@ _`~/` 代表 HOME 目录。在 Windows 中，请将下文的 `~/` 替换成 `C:\
   # tssh 搜索和选择服务器时，详情中显示的配置列表，默认如下：
   PromptDetailItems = Alias Host Port User GroupLabels IdentityFile ProxyCommand ProxyJump RemoteCommand
 
+  # tssh 搜索和选择服务器时，可以自定义光标和选中的图标：
+  PromptCursorIcon = 🧨
+  PromptSelectedIcon = 🍺
+
   # 登录后自动设置终端标题，退出后不会重置，你需要参考下文在本地 shell 中设置 PROMPT_COMMAND
   SetTerminalTitle = Yes
   ```

diff --git a/ssh.md b/ssh.md
@@ -229,10 +229,10 @@ _`~/` represents the HOME directory. Please replace `~/` below with `C:\Users\yo
 
   ```
   Host auto
-      #!! ExpectCount 3  # Configures the number of automated interactions, default is 0 which means no automated interaction
+      #!! ExpectCount 5  # Configures the number of automated interactions, default is 0 which means no automated interaction
       #!! ExpectTimeout 30  # Configures the timeout for automated interaction (in seconds), default is 30 seconds
       #!! ExpectPattern1 *assword  # Configures the first automated interaction match expression
-      # Configures the first automated input (encrypted). Fill in the string encoded by tssh --enc-secret, it will automatically send \r (enter)
+      # Configures the first automated input (encrypted). It was encoded by `tssh --enc-secret`, `tssh` will send \r (enter) automatically
       #!! ExpectSendPass1 d7983b4a8ac204bd073ed04741913befd4fbf813ad405d7404cb7d779536f8b87e71106d7780b2
       #!! ExpectPattern2 hostname*$  # Configures the second automated interaction match expression
       #!! ExpectSendText2 echo tssh expect\r  # Configures the second automated input (plaintext), specify \r to send enter
@@ -243,10 +243,16 @@ _`~/` represents the HOME directory. Please replace `~/` below with `C:\Users\yo
       #!! ExpectSendText3 ssh xxx\r  # Configures the third automated input, can also use ExpectSendPass3 then configure with encrypted text
       #!! ExpectCaseSendText3 yes/no y\r  # Before matching ExpectPattern3, if encountering yes/no, then send y and enter
       #!! ExpectCaseSendText3 y/n yes\r   # Before matching ExpectPattern3, if encountering y/n, then send yes and enter
-      #!! ExpectCaseSendPass3 token d7... # Before matching ExpectPattern3, if encountering token, then decode and send d7...
+      #!! ExpectCaseSendPass3 token d7... # Before matching ExpectPattern3, if encountering token, then decode d7... and send
+      # --------------------------------------------------
+      #!! ExpectPattern4 token:  # Configures the fourth automated interaction match expression (one-time password)
+      #!! ExpectSendOtp4 oathtool --totp -b xxxxx  # Configure the command line to obtain the one-time password
+      #!! ExpectPattern5 token:  # Configures the fifth automated interaction match expression (one-time password)
+      # The following ciphertext was generated by encoding `oathtool --totp -b xxxxx` with `tssh --enc-secret`.
+      #!! ExpectSendEncOtp5 77b4ce85d087b39909e563efb165659b22b9ea700a537f1258bdf56ce6fdd6ea70bc7591ea5c01918537a65433133bc0bd5ed3e4
   ```
 
-  - Use `tssh --debug` to log in, you can see the output captured by `expect`, as well as the interaction between its matching results and automated input.
+  - Login using `tssh --debug` if `ExpectCount` is greater than `0`, you can see the output captured by `expect`.
 
 ## Remember Password
 
@@ -282,7 +288,7 @@ _`~/` represents the HOME directory. Please replace `~/` below with `C:\Users\yo
 
   ```
   Host ctrl
-      #!! CtrlExpectCount 1  # Configure the number of automated interactions, generally only needing to enter the password once
+      #!! CtrlExpectCount 1  # Configure the number of automated interactions, typically only requires entering the password once
       #!! CtrlExpectPattern1 *assword    # Configure the matching expression for the password prompt
       #!! CtrlExpectSendPass1 d7983b...  # Configure the password encoded by `tssh --enc-secret`
   ```
@@ -311,9 +317,9 @@ _`~/` represents the HOME directory. Please replace `~/` below with `C:\Users\yo
 
 - In addition, there is a keyboard interactive authentication. The server returns some questions, and log in by providing the correct answers. Many custom one-time passwords are implemented by it.
 
-- If the answers are fixed, `tssh` supports remember answers. Most have only one question, just configure `QuestionAnswer1`. For those with multiple questions, the answer to each question can be configured by serial number, or by the hex code of the question.
+- For those with one question and a fixed answer, just configure `QuestionAnswer1`. For those with multiple questions, the answer to each question can be configured by serial number, or by the hex code of the question.
 
-- Use `tssh --debug` to log in, and the hex code of the questions will be output, so that you will know how to configure with the hex code. For example:
+- Login with `tssh --debug`, the hex code of the questions will be output, so that you will know how to configure with the hex code. For example:
 
   ```
   # If configured in ~/.ssh/config, add `#!!` prefix to be compatible with openssh.
@@ -332,8 +338,27 @@ _`~/` represents the HOME directory. Please replace `~/` below with `C:\Users\yo
       636f64653a20 my_code  # The `636f64653a20` is the hex code of `code: `, `my_code` is plain answer.
   ```
 
+- For one-time password that can be obtained by the command line, you can configure them as follows (configure by serial number or hex code of the question):
+
+  ```
+  Host otp
+      OtpCommand1 oathtool --totp -b xxxxx  # Configure the command line to obtain the one-time password by serial number
+      otp636f64653a20 oathtool --totp -b xxxxx  # Configure the command line by the hex code of the question `code: ` that is `636f64653a20`
+      # The following ciphertext was generated by encoding `oathtool --totp -b xxxxx` with `tssh --enc-secret`. Add the `enc` prefix for configuration.
+      encOtpCommand2 77b4ce85d087b39909e563efb165659b22b9ea700a537f1258bdf56ce6fdd6ea70bc7591ea5c01918537a65433133bc0bd5ed3e4
+      encotp636f64653a20 77b4ce85d087b39909e563efb165659b22b9ea700a537f1258bdf56ce6fdd6ea70bc7591ea5c01918537a65433133bc0bd5ed3e4
+  ```
+
 - If `ControlMaster` multiplexing is enabled or using `Warp` terminal, you will need to use the `Automated Interaction` mentioned earlier to achieve remembering answers.
 
+  ```
+  Host ctrl_otp
+      #!! CtrlExpectCount 1  # Configure the number of automated interactions, typically only requires entering the password once
+      #!! CtrlExpectPattern1 token:  # Configure the matching expression for the password prompt (one-time password)
+      #!! CtrlExpectSendOtp1 oathtool --totp -b xxxxx  # Configure the command line to obtain the one-time password
+      #!! CtrlExpectSendEncOtp1 77b4ce85d0...  # Or configure the encrypted command line encoded using `tssh --enc-secret`
+  ```
+
 ## Configuration
 
 - The following custom configurations are supported in `~/.tssh.conf` (`C:\Users\your_name\.tssh.conf` on Windows):
@@ -351,15 +376,19 @@ _`~/` represents the HOME directory. Please replace `~/` below with `C:\Users\yo
   # The automatically save path for tsz downloading, the default is empty which poping up a folder dialog.
   DefaultDownloadPath = ~/Downloads
 
-  # When tssh searches and selects a server, the number of records displayed on each page, the default is 10.
+  # When searching and selecting servers with tssh, the number of records displayed on each page, the default is 10.
   PromptPageSize = 10
 
-  # When tssh searches and selects a server, default is normal mode similar to vim. Configure to search mode as follows:
+  # When searching and selecting servers with tssh, default is normal mode similar to vim. Configure to search mode as follows:
   PromptDefaultMode = search
 
-  # When tssh searches and selects a server, the items displayed in details. The default is as follows:
+  # When searching and selecting servers with tssh, the items displayed in details. The default is as follows:
   PromptDetailItems = Alias Host Port User GroupLabels IdentityFile ProxyCommand ProxyJump RemoteCommand
 
+  # When searching and selecting servers with tssh, you can customize the cursor and selected icon:
+  PromptCursorIcon = 🧨
+  PromptSelectedIcon = 🍺
+
   # Auto set terminal title after login. It will not be reset after exiting. Please set PROMPT_COMMAND in local shell.
   SetTerminalTitle = Yes
   ```