“Expect基础”的版本间的差异
跳到导航
跳到搜索
| (未显示同一用户的4个中间版本) | |||
| 第28行: | 第28行: | ||
| − | #spawn | + | #spawn 执行的命令在这里,这里用 添加 pub key 作为例子 |
spawn ssh-copy-id -i /home/evan/lx/ssh/opspub root@$host | spawn ssh-copy-id -i /home/evan/lx/ssh/opspub root@$host | ||
#spawn ssh-copy-id -i /home/evan/.ssh/id_rsa.pub root@$host | #spawn ssh-copy-id -i /home/evan/.ssh/id_rsa.pub root@$host | ||
#ssh-copy-id -i /home/evan/.ssh/id_rsa.pub [email protected] | #ssh-copy-id -i /home/evan/.ssh/id_rsa.pub [email protected] | ||
| − | #expect | + | #expect 去掉交互,让他自动交互完成 |
expect { | expect { | ||
"*yes/no" { send "yes\r"; exp_continue} | "*yes/no" { send "yes\r"; exp_continue} | ||
| 第71行: | 第71行: | ||
</pre> | </pre> | ||
| − | == | + | ==多台修改ssh安全(远程执行命令和退出) == |
<pre> | <pre> | ||
cat run | cat run | ||
| 第180行: | 第180行: | ||
</pre> | </pre> | ||
| + | |||
| + | ==sudo addkey == | ||
| + | <pre> | ||
| + | addkey | ||
| + | #!/bin/bash | ||
| + | #cat main evan 只能秀 sed 1a 不能和3a 会不成功 不能用 echo 会说没权限 | ||
| + | #for ip in `cat li` | ||
| + | for ip in `cat list` | ||
| + | |||
| + | do | ||
| + | |||
| + | ssh -i .key -o "StrictHostKeyChecking no" centos@$ip "sudo mkdir -p /root/.ssh" | ||
| + | ssh -i .key -o "StrictHostKeyChecking no" centos@$ip "sudo sed -i '1a ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAdfasfBAQDTR3R8Bz2mj lx' /root/.ssh/authorized_keys" | ||
| + | done | ||
| + | </pre> | ||
| + | ==change hostname== | ||
| + | <pre> | ||
| + | cat hoso | ||
| + | #!/bin/bash | ||
| + | |||
| + | IP=( | ||
| + | 18.138.827.24 | ||
| + | 13.271.85.64 | ||
| + | ) | ||
| + | HOSTNAME=( | ||
| + | prod-jenkin1 | ||
| + | prod--es1 | ||
| + | |||
| + | ) | ||
| + | for no in `seq 0 1 ` | ||
| + | do | ||
| + | |||
| + | #for ip in `cat list` | ||
| + | |||
| + | #do | ||
| + | #echo $ip | ||
| + | |||
| + | |||
| + | #echo ${IP[$no]} | ||
| + | |||
| + | #ssh -i evan -o "StrictHostKeyChecking no" root@${IP[$no]} " hostnamectl --static set-hostname ${HOSTNAME[$no]} " | ||
| + | ssh -i evan -o "StrictHostKeyChecking no" root@${IP[$no]} " hostname" | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | done | ||
| + | |||
| + | </pre> | ||
| + | |||
=see also= | =see also= | ||
[https://www.cnblogs.com/jpinsz/p/10772750.html expect 分发ssh key脚本写得非常规范] | [https://www.cnblogs.com/jpinsz/p/10772750.html expect 分发ssh key脚本写得非常规范] | ||
2020年1月2日 (四) 07:21的最新版本
目录
Question
有个项目要迁移 新来一批机器 要做初始化 于是抽空练了一下expect 有可能有这个 警告 expect: spawn id exp4 not open 不过效果是没问题的
利用expect批量添加pubkey
多台添加pubkey
cat main #!/bin/bash for ip in `cat list` do #echo $ip ./addkey $ip done cat addkey #!/usr/local/bin/expect #define var set timeout 17 # #<==接受第一个参数,赋值host set host [lindex $argv 0] set password "evan==" #spawn 执行的命令在这里,这里用 添加 pub key 作为例子 spawn ssh-copy-id -i /home/evan/lx/ssh/opspub root@$host #spawn ssh-copy-id -i /home/evan/.ssh/id_rsa.pub root@$host #ssh-copy-id -i /home/evan/.ssh/id_rsa.pub [email protected] #expect 去掉交互,让他自动交互完成 expect { "*yes/no" { send "yes\r"; exp_continue} "*password:" { send "$password\r" } } #send "exit\r" expect eof cat list 192.168.7.4 192.168.7.46 ##上面用了copy-id 如果想用scp etc #!/usr/bin/expect set timeout 5 set hostno [lindex $argv 0] spawn scp ~/.ssh/id_dsa.pub impala$hostno:~/.ssh/pub_key expect "*password*" send "111111\r" spawn ssh impala$hostno "cat ~/.ssh/pub_key/ >> ~/.ssh/authorized_keys" expect "*password*" send "111111\r" spawn ssh impala$hostno "chmod 600 ~/.ssh/authorized_keys" expect "*password*" send "111111\r" expect eof (3)分析: set可以设置超时,或者设置一个变量的值 spawn是执行一个命令 expect等待一个匹配的输出流中的内容 send是匹配到之后向输入流写入的内容 [lindex $argv 0]表示脚本的第0个参数 expect eof表示读取到文件结束符
多台修改ssh安全(远程执行命令和退出)
cat run
#!/usr/local/bin/expect
#define var
set timeout 17
set host [lindex $argv 0]
set password "evan=="
#spawn
spawn ssh root@$host
expect {
"*#*" { send "sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config\r";
send "sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config\r"
send "systemctl restart sshd\r"
#send "\r"
}
}
send "exit\r"
expect eof
cat main
#!/bin/bash
for ip in `cat list`
do
#echo $ip
#./addkey $ip
./run $ip
done
#run
bash main
单个
vi addkey #!/usr/local/bin/expect #SERVERS="101.00.208.197 120.40.043.52 " set timeout 5 set host [lindex $argv 0] spawn ssh-copy-id -i /home/evan/.ssh/id_rsa.pub root@$host #ssh-copy-id -i /home/evan/.ssh/id_rsa.pub [email protected] expect { "*yes/no" { send "yes\r"; exp_continue} "*password:" { send "P2xMGipLpSG7dA==\r" } } expect eof 用法 ./addkey 18.80.216.19 #这是你的IP
on dovo
#!/usr/bin/expect
#good on new kali 这个在新的kali 上是ok的
set timeout 30
set sshIP "4.88.1.2"
set keypassword "ZdvV"
set rootPassword "5D"
#spawn ssh -o StrictHostKeyChecking=no -i /root/key evan@$sshIP
expect "Enter passphrase"
send "$keypassword\r"
expect "]$"
send "sudo -i\r"
expect "xxxxx"
send "$rootPassword\r"
expect "]#"
## run command
#send "cat /root/1 && echo 'test was ok .';exit\r"
#send "bash /data/tmp/dbins && echo 'dbins was ok.';exit\r"
#expect "52wan"
#send "exit\r"
#expect eof {exit 0}
interact
#!/usr/bin/expect
# on old kali 这个在老的kali
set timeout 30
set sshIP "4.88.1.2"
set keypassword "Zd"
set rootPassword "5D"
spawn ssh -o StrictHostKeyChecking=no -i /home/key evan@$sshIP
expect "Enter passphrase"
send "$keypassword\r"
expect "52wan"
send "sudo -i\r"
expect "password for 52wan:"
send "$rootPassword\r"
expect "]#"
## run command
#send "cat /root/1 && echo 'test was ok .';exit\r"
#send "bash /data/tmp/dbins && echo 'dbins was ok.';exit\r"
#expect "52wan"
#send "exit\r"
#expect eof {exit 0}
interact
sudo addkey
addkey #!/bin/bash #cat main evan 只能秀 sed 1a 不能和3a 会不成功 不能用 echo 会说没权限 #for ip in `cat li` for ip in `cat list` do ssh -i .key -o "StrictHostKeyChecking no" centos@$ip "sudo mkdir -p /root/.ssh" ssh -i .key -o "StrictHostKeyChecking no" centos@$ip "sudo sed -i '1a ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAdfasfBAQDTR3R8Bz2mj lx' /root/.ssh/authorized_keys" done
change hostname
cat hoso
#!/bin/bash
IP=(
18.138.827.24
13.271.85.64
)
HOSTNAME=(
prod-jenkin1
prod--es1
)
for no in `seq 0 1 `
do
#for ip in `cat list`
#do
#echo $ip
#echo ${IP[$no]}
#ssh -i evan -o "StrictHostKeyChecking no" root@${IP[$no]} " hostnamectl --static set-hostname ${HOSTNAME[$no]} "
ssh -i evan -o "StrictHostKeyChecking no" root@${IP[$no]} " hostname"
done
