页面“Xen虚拟化技术中PV和HVM的区别”与“Expect基础”之间的差异
(页面间的差异)
跳到导航
跳到搜索
(创建页面,内容为“en是一个开源的type-1或者裸机管理程序,它使得一个物理主机能够同时并行运行多个相同的或者不同的操作系统实例。Xen是目…”) |
|||
| 第1行: | 第1行: | ||
| − | + | [[category:shell]] | |
| + | =Question= | ||
| + | 有个项目要迁移 新来一批机器 要做初始化 于是抽空练了一下expect | ||
| + | 有可能有这个 警告 expect: spawn id exp4 not open 不过效果是没问题的 | ||
| − | + | =利用expect批量添加pubkey= | |
| + | ==多台添加pubkey == | ||
| + | <pre> | ||
| + | cat main | ||
| + | #!/bin/bash | ||
| + | for ip in `cat list` | ||
| − | + | do | |
| + | #echo $ip | ||
| + | ./addkey $ip | ||
| − | + | done | |
| − | |||
| − | |||
| − | + | cat addkey | |
| + | #!/usr/local/bin/expect | ||
| + | #define var | ||
| + | set timeout 17 | ||
| + | # #<==接受第一个参数,赋值host | ||
| + | set host [lindex $argv 0] | ||
| + | set password "evan==" | ||
| − | |||
| − | + | #spawn 执行的命令在这里,这里用 添加 pub key 作为例子 | |
| + | spawn ssh-copy-id -i /home/evan/lx/ssh/opspub root@$host | ||
| + | #spawn ssh-copy-id -i /home/evan/.ssh/id_rsa.pub root@$host | ||
| + | #ssh-copy-id -i /home/evan/.ssh/id_rsa.pub [email protected] | ||
| − | + | #expect 去掉交互,让他自动交互完成 | |
| + | expect { | ||
| + | "*yes/no" { send "yes\r"; exp_continue} | ||
| + | "*password:" { send "$password\r" } | ||
| + | } | ||
| + | #send "exit\r" | ||
| + | expect eof | ||
| − | + | cat list | |
| + | 192.168.7.4 | ||
| + | 192.168.7.46 | ||
| − | + | ##上面用了copy-id 如果想用scp etc | |
| + | #!/usr/bin/expect | ||
| + | set timeout 5 | ||
| + | set hostno [lindex $argv 0] | ||
| + | spawn scp ~/.ssh/id_dsa.pub impala$hostno:~/.ssh/pub_key | ||
| + | expect "*password*" | ||
| + | send "111111\r" | ||
| + | spawn ssh impala$hostno "cat ~/.ssh/pub_key/ >> ~/.ssh/authorized_keys" | ||
| + | expect "*password*" | ||
| + | send "111111\r" | ||
| + | spawn ssh impala$hostno "chmod 600 ~/.ssh/authorized_keys" | ||
| + | expect "*password*" | ||
| + | send "111111\r" | ||
| + | expect eof | ||
| − | [[ | + | (3)分析: |
| + | set可以设置超时,或者设置一个变量的值 | ||
| + | spawn是执行一个命令 | ||
| + | expect等待一个匹配的输出流中的内容 | ||
| + | send是匹配到之后向输入流写入的内容 | ||
| + | [lindex $argv 0]表示脚本的第0个参数 | ||
| + | expect eof表示读取到文件结束符 | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | ==多台修改ssh安全(远程执行命令和退出) == | ||
| + | <pre> | ||
| + | cat run | ||
| + | #!/usr/local/bin/expect | ||
| + | #define var | ||
| + | set timeout 17 | ||
| + | set host [lindex $argv 0] | ||
| + | set password "evan==" | ||
| + | |||
| + | #spawn | ||
| + | spawn ssh root@$host | ||
| + | |||
| + | expect { | ||
| + | |||
| + | "*#*" { send "sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config\r"; | ||
| + | send "sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config\r" | ||
| + | send "systemctl restart sshd\r" | ||
| + | #send "\r" | ||
| + | } | ||
| + | } | ||
| + | send "exit\r" | ||
| + | expect eof | ||
| + | |||
| + | cat main | ||
| + | #!/bin/bash | ||
| + | for ip in `cat list` | ||
| + | |||
| + | do | ||
| + | #echo $ip | ||
| + | #./addkey $ip | ||
| + | ./run $ip | ||
| + | |||
| + | done | ||
| + | |||
| + | #run | ||
| + | bash main | ||
| + | </pre> | ||
| + | |||
| + | ==单个== | ||
| + | <pre> | ||
| + | |||
| + | vi addkey | ||
| + | |||
| + | #!/usr/local/bin/expect | ||
| + | #SERVERS="101.00.208.197 120.40.043.52 " | ||
| + | set timeout 5 | ||
| + | set host [lindex $argv 0] | ||
| + | spawn ssh-copy-id -i /home/evan/.ssh/id_rsa.pub root@$host | ||
| + | #ssh-copy-id -i /home/evan/.ssh/id_rsa.pub [email protected] | ||
| + | expect { | ||
| + | "*yes/no" { send "yes\r"; exp_continue} | ||
| + | "*password:" { send "P2xMGipLpSG7dA==\r" } | ||
| + | } | ||
| + | |||
| + | expect eof | ||
| + | |||
| + | |||
| + | 用法 | ||
| + | ./addkey 18.80.216.19 #这是你的IP | ||
| + | </pre> | ||
| + | |||
| + | =on dovo= | ||
| + | <pre> | ||
| + | #!/usr/bin/expect | ||
| + | #good on new kali 这个在新的kali 上是ok的 | ||
| + | set timeout 30 | ||
| + | set sshIP "4.88.1.2" | ||
| + | set keypassword "ZdvV" | ||
| + | set rootPassword "5D" | ||
| + | #spawn ssh -o StrictHostKeyChecking=no -i /root/key evan@$sshIP | ||
| + | expect "Enter passphrase" | ||
| + | send "$keypassword\r" | ||
| + | expect "]$" | ||
| + | send "sudo -i\r" | ||
| + | expect "xxxxx" | ||
| + | send "$rootPassword\r" | ||
| + | expect "]#" | ||
| + | ## run command | ||
| + | #send "cat /root/1 && echo 'test was ok .';exit\r" | ||
| + | #send "bash /data/tmp/dbins && echo 'dbins was ok.';exit\r" | ||
| + | #expect "52wan" | ||
| + | #send "exit\r" | ||
| + | #expect eof {exit 0} | ||
| + | interact | ||
| + | |||
| + | |||
| + | #!/usr/bin/expect | ||
| + | # on old kali 这个在老的kali | ||
| + | set timeout 30 | ||
| + | set sshIP "4.88.1.2" | ||
| + | set keypassword "Zd" | ||
| + | set rootPassword "5D" | ||
| + | spawn ssh -o StrictHostKeyChecking=no -i /home/key evan@$sshIP | ||
| + | expect "Enter passphrase" | ||
| + | send "$keypassword\r" | ||
| + | expect "52wan" | ||
| + | send "sudo -i\r" | ||
| + | expect "password for 52wan:" | ||
| + | send "$rootPassword\r" | ||
| + | expect "]#" | ||
| + | ## run command | ||
| + | #send "cat /root/1 && echo 'test was ok .';exit\r" | ||
| + | #send "bash /data/tmp/dbins && echo 'dbins was ok.';exit\r" | ||
| + | #expect "52wan" | ||
| + | #send "exit\r" | ||
| + | #expect eof {exit 0} | ||
| + | interact | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | ==sudo addkey == | ||
| + | <pre> | ||
| + | addkey | ||
| + | #!/bin/bash | ||
| + | #cat main evan 只能秀 sed 1a 不能和3a 会不成功 | ||
| + | #for ip in `cat li` | ||
| + | for ip in `cat list` | ||
| + | |||
| + | do | ||
| + | |||
| + | ssh -i .key -o "StrictHostKeyChecking no" centos@$ip "sudo mkdir -p /root/.ssh" | ||
| + | ssh -i .key -o "StrictHostKeyChecking no" centos@$ip "sudo sed -i '1a ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAdfasfBAQDTR3R8Bz2mj lx' /root/.ssh/authorized_keys" | ||
| + | done | ||
| + | </pre> | ||
| + | |||
| + | =see also= | ||
| + | [https://www.cnblogs.com/jpinsz/p/10772750.html expect 分发ssh key脚本写得非常规范] | ||
| + | |||
| + | [https://www.cnblogs.com/lixigang/articles/4849527.html Shell脚本学习之expect命令完整学习] | ||
| + | |||
| + | [https://www.cnblogs.com/changyaoguo/p/5764008.html ssh+expect批量分发] | ||
| + | |||
| + | |||
| + | [https://www.cnblogs.com/zhaoyangjian724/p/3798006.html expect: spawn id exp4 not open] | ||
2020年1月2日 (四) 07:14的版本
目录
Question
有个项目要迁移 新来一批机器 要做初始化 于是抽空练了一下expect 有可能有这个 警告 expect: spawn id exp4 not open 不过效果是没问题的
利用expect批量添加pubkey
多台添加pubkey
cat main #!/bin/bash for ip in `cat list` do #echo $ip ./addkey $ip done cat addkey #!/usr/local/bin/expect #define var set timeout 17 # #<==接受第一个参数,赋值host set host [lindex $argv 0] set password "evan==" #spawn 执行的命令在这里,这里用 添加 pub key 作为例子 spawn ssh-copy-id -i /home/evan/lx/ssh/opspub root@$host #spawn ssh-copy-id -i /home/evan/.ssh/id_rsa.pub root@$host #ssh-copy-id -i /home/evan/.ssh/id_rsa.pub [email protected] #expect 去掉交互,让他自动交互完成 expect { "*yes/no" { send "yes\r"; exp_continue} "*password:" { send "$password\r" } } #send "exit\r" expect eof cat list 192.168.7.4 192.168.7.46 ##上面用了copy-id 如果想用scp etc #!/usr/bin/expect set timeout 5 set hostno [lindex $argv 0] spawn scp ~/.ssh/id_dsa.pub impala$hostno:~/.ssh/pub_key expect "*password*" send "111111\r" spawn ssh impala$hostno "cat ~/.ssh/pub_key/ >> ~/.ssh/authorized_keys" expect "*password*" send "111111\r" spawn ssh impala$hostno "chmod 600 ~/.ssh/authorized_keys" expect "*password*" send "111111\r" expect eof (3)分析: set可以设置超时,或者设置一个变量的值 spawn是执行一个命令 expect等待一个匹配的输出流中的内容 send是匹配到之后向输入流写入的内容 [lindex $argv 0]表示脚本的第0个参数 expect eof表示读取到文件结束符
多台修改ssh安全(远程执行命令和退出)
cat run
#!/usr/local/bin/expect
#define var
set timeout 17
set host [lindex $argv 0]
set password "evan=="
#spawn
spawn ssh root@$host
expect {
"*#*" { send "sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config\r";
send "sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config\r"
send "systemctl restart sshd\r"
#send "\r"
}
}
send "exit\r"
expect eof
cat main
#!/bin/bash
for ip in `cat list`
do
#echo $ip
#./addkey $ip
./run $ip
done
#run
bash main
单个
vi addkey #!/usr/local/bin/expect #SERVERS="101.00.208.197 120.40.043.52 " set timeout 5 set host [lindex $argv 0] spawn ssh-copy-id -i /home/evan/.ssh/id_rsa.pub root@$host #ssh-copy-id -i /home/evan/.ssh/id_rsa.pub [email protected] expect { "*yes/no" { send "yes\r"; exp_continue} "*password:" { send "P2xMGipLpSG7dA==\r" } } expect eof 用法 ./addkey 18.80.216.19 #这是你的IP
on dovo
#!/usr/bin/expect
#good on new kali 这个在新的kali 上是ok的
set timeout 30
set sshIP "4.88.1.2"
set keypassword "ZdvV"
set rootPassword "5D"
#spawn ssh -o StrictHostKeyChecking=no -i /root/key evan@$sshIP
expect "Enter passphrase"
send "$keypassword\r"
expect "]$"
send "sudo -i\r"
expect "xxxxx"
send "$rootPassword\r"
expect "]#"
## run command
#send "cat /root/1 && echo 'test was ok .';exit\r"
#send "bash /data/tmp/dbins && echo 'dbins was ok.';exit\r"
#expect "52wan"
#send "exit\r"
#expect eof {exit 0}
interact
#!/usr/bin/expect
# on old kali 这个在老的kali
set timeout 30
set sshIP "4.88.1.2"
set keypassword "Zd"
set rootPassword "5D"
spawn ssh -o StrictHostKeyChecking=no -i /home/key evan@$sshIP
expect "Enter passphrase"
send "$keypassword\r"
expect "52wan"
send "sudo -i\r"
expect "password for 52wan:"
send "$rootPassword\r"
expect "]#"
## run command
#send "cat /root/1 && echo 'test was ok .';exit\r"
#send "bash /data/tmp/dbins && echo 'dbins was ok.';exit\r"
#expect "52wan"
#send "exit\r"
#expect eof {exit 0}
interact
sudo addkey
addkey #!/bin/bash #cat main evan 只能秀 sed 1a 不能和3a 会不成功 #for ip in `cat li` for ip in `cat list` do ssh -i .key -o "StrictHostKeyChecking no" centos@$ip "sudo mkdir -p /root/.ssh" ssh -i .key -o "StrictHostKeyChecking no" centos@$ip "sudo sed -i '1a ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAdfasfBAQDTR3R8Bz2mj lx' /root/.ssh/authorized_keys" done
