Expect基础

来自linux中国网wiki
跳到导航 跳到搜索

Question

有个项目要迁移 新来一批机器 要做初始化 于是抽空练了一下expect
 有可能有这个  警告 expect: spawn id exp4 not open 不过效果是没问题的

利用expect批量添加pubkey

多台添加pubkey

cat main 
#!/bin/bash
for ip   in `cat list` 

do 
#echo $ip
./addkey  $ip

done 



cat addkey 
#!/usr/local/bin/expect
 #define var
set timeout 17
# #<==接受第一个参数,赋值host
set host [lindex $argv 0]
set password "evan=="


#spawn  执行的命令在这里,这里用 添加 pub key 作为例子
spawn ssh-copy-id  -i /home/evan/lx/ssh/opspub [email protected]$host
#spawn ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub [email protected]$host
#ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub [email protected]

#expect 去掉交互,让他自动交互完成 
expect {                  
 "*yes/no" { send "yes\r"; exp_continue}   
 "*password:" { send "$password\r" }       
 }  
#send  "exit\r"  
expect eof

cat list 
192.168.7.4
192.168.7.46

##上面用了copy-id  如果想用scp  etc 

    #!/usr/bin/expect    
    set timeout 5    
    set hostno [lindex $argv 0]    
    spawn scp ~/.ssh/id_dsa.pub impala$hostno:~/.ssh/pub_key    
    expect "*password*"    
    send "111111\r"    
    spawn ssh impala$hostno "cat ~/.ssh/pub_key/ >> ~/.ssh/authorized_keys"    
    expect "*password*"    
    send "111111\r"    
    spawn ssh impala$hostno "chmod 600 ~/.ssh/authorized_keys"    
    expect "*password*"    
    send "111111\r"    
    expect eof    

(3)分析:
set可以设置超时,或者设置一个变量的值
spawn是执行一个命令
expect等待一个匹配的输出流中的内容
send是匹配到之后向输入流写入的内容
[lindex $argv 0]表示脚本的第0个参数
expect eof表示读取到文件结束符

多台修改ssh安全(远程执行命令和退出)

 cat   run
#!/usr/local/bin/expect
 #define var
set timeout 17
set host [lindex $argv 0]
set password "evan=="

#spawn
spawn ssh [email protected]$host

expect {

    "*#*" { send "sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config\r";
send "sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config\r"
send "systemctl restart sshd\r"
	#send "\r"
    }
}
send  "exit\r"  
expect eof

cat main
#!/bin/bash
for ip   in `cat list` 

do 
#echo $ip
#./addkey  $ip
./run  $ip

done 

#run 
bash main 

单个

vi addkey

#!/usr/local/bin/expect
#SERVERS="101.00.208.197 120.40.043.52 " 
set timeout 5   
set host [lindex $argv 0]
spawn ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub [email protected]$host
#ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub [email protected]
expect {                  
 "*yes/no" { send "yes\r"; exp_continue}   
 "*password:" { send "P2xMGipLpSG7dA==\r" }       
 }  

expect eof


用法 
	./addkey  18.80.216.19 #这是你的IP 

on dovo

#!/usr/bin/expect
#good on new kali  这个在新的kali 上是ok的
set timeout 30
set sshIP "4.88.1.2"
set keypassword "ZdvV"
set rootPassword "5D"
#spawn ssh -o StrictHostKeyChecking=no -i /root/key  [email protected]$sshIP
expect "Enter passphrase"
send "$keypassword\r"
expect "]$"
send "sudo -i\r"
expect "xxxxx"
send "$rootPassword\r"
expect "]#"
## run command
#send "cat /root/1  && echo 'test was ok .';exit\r"
#send "bash /data/tmp/dbins   && echo 'dbins  was ok.';exit\r"
#expect "52wan"
#send "exit\r"
#expect eof {exit 0}
interact


#!/usr/bin/expect
# on old kali  这个在老的kali
set timeout 30
set sshIP "4.88.1.2"
set keypassword "Zd"
set rootPassword "5D"
spawn ssh -o StrictHostKeyChecking=no -i /home/key  [email protected]$sshIP
expect "Enter passphrase"
send "$keypassword\r"
expect "52wan"
send "sudo -i\r"
expect "password for 52wan:"
send "$rootPassword\r"
expect "]#"
## run command
#send "cat /root/1  && echo 'test was ok .';exit\r"
#send "bash /data/tmp/dbins   && echo 'dbins  was ok.';exit\r"
#expect "52wan"
#send "exit\r"
#expect eof {exit 0}
interact

sudo addkey

 addkey 
#!/bin/bash
#cat main evan  只能秀 sed  1a  不能和3a 会不成功   不能用 echo  会说没权限 
#for ip   in `cat li` 
for ip   in `cat list` 

do 

 ssh -i .key -o "StrictHostKeyChecking no"  [email protected]$ip  "sudo mkdir -p /root/.ssh"
ssh -i .key -o "StrictHostKeyChecking no"  [email protected]$ip "sudo sed -i '1a ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAdfasfBAQDTR3R8Bz2mj lx' /root/.ssh/authorized_keys"
done 

change hostname

 cat hoso 
#!/bin/bash

IP=(
18.138.827.24
13.271.85.64
)
HOSTNAME=(
prod-jenkin1
prod--es1

)
for  no in `seq 0 1 `
do

#for ip   in `cat list` 

#do 
#echo $ip


#echo  ${IP[$no]}

#ssh  -i evan -o "StrictHostKeyChecking no"  [email protected]${IP[$no]}  " hostnamectl --static  set-hostname ${HOSTNAME[$no]} "
ssh  -i evan -o "StrictHostKeyChecking no"  [email protected]${IP[$no]}  " hostname"




done 

see also

expect 分发ssh key脚本写得非常规范

Shell脚本学习之expect命令完整学习

ssh+expect批量分发


expect: spawn id exp4 not open