页面“A single server that handles both HTTP and HTTPS requests”与“Expect基础”之间的差异

来自linux中国网wiki
(页面间的差异)
跳到导航 跳到搜索
(导入1个版本)
 
 
第1行: 第1行:
 +
=利用expect批量添加pubkey=
 +
==多台添加pubkey ==
 +
<pre>
 +
cat main
 +
#!/bin/bash
 +
for ip  in `cat list`
 +
 +
do
 +
#echo $ip
 +
./addkey  $ip
 +
 +
done
 +
 +
 +
 +
cat addkey
 +
#!/usr/local/bin/expect
 +
#define var
 +
set timeout 17
 +
# #<==接受第一个参数,赋值host
 +
set host [lindex $argv 0]
 +
set password "evan=="
 +
 +
 +
#spawn
 +
spawn ssh-copy-id  -i /home/evan/lx/ssh/opspub root@$host
 +
#spawn ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub root@$host
 +
#ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub [email protected]
 +
 +
#expect
 +
expect {                 
 +
"*yes/no" { send "yes\r"; exp_continue} 
 +
"*password:" { send "$password\r" }     
 +
 +
#send  "exit\r" 
 +
expect eof
 +
 +
cat list
 +
192.168.7.4
 +
192.168.7.46
 +
 +
##上面用了copy-id  如果想用scp  etc
 +
 +
    #!/usr/bin/expect   
 +
    set timeout 5   
 +
    set hostno [lindex $argv 0]   
 +
    spawn scp ~/.ssh/id_dsa.pub impala$hostno:~/.ssh/pub_key   
 +
    expect "*password*"   
 +
    send "111111\r"   
 +
    spawn ssh impala$hostno "cat ~/.ssh/pub_key/ >> ~/.ssh/authorized_keys"   
 +
    expect "*password*"   
 +
    send "111111\r"   
 +
    spawn ssh impala$hostno "chmod 600 ~/.ssh/authorized_keys"   
 +
    expect "*password*"   
 +
    send "111111\r"   
 +
    expect eof   
 +
 +
(3)分析:
 +
set可以设置超时,或者设置一个变量的值
 +
spawn是执行一个命令
 +
expect等待一个匹配的输出流中的内容
 +
send是匹配到之后向输入流写入的内容
 +
[lindex $argv 0]表示脚本的第0个参数
 +
expect eof表示读取到文件结束符
 +
 +
</pre>
  
==a single server that handles both HTTP and HTTPS requests==
+
==多台添加ssh安全(远程执行命令和退出) ==
 
<pre>
 
<pre>
 +
cat  run
 +
#!/usr/local/bin/expect
 +
#define var
 +
set timeout 17
 +
set host [lindex $argv 0]
 +
set password "evan=="
  
A single HTTP/HTTPS server
+
#spawn
It is possible to configure a single server that handles both HTTP and HTTPS requests:
+
spawn ssh root@$host
  
server {
+
expect {
    listen              80;
+
 
     listen              443 ssl;
+
     "*#*" { send "sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config\r";
    server_name        www.example.com;
+
send "sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config\r"
    ssl_certificate    www.example.com.crt;
+
send "systemctl restart sshd\r"
    ssl_certificate_key www.example.com.key;
+
#send "\r"
     ...
+
     }
 
}
 
}
 +
send  "exit\r" 
 +
expect eof
 +
 +
cat main
 +
#!/bin/bash
 +
for ip  in `cat list`
 +
 +
do
 +
#echo $ip
 +
#./addkey  $ip
 +
./run  $ip
 +
 +
done
 +
 +
#run
 +
bash main
 
</pre>
 
</pre>
  
 +
==单个==
 +
<pre>
 +
 +
vi addkey
 +
 +
#!/usr/local/bin/expect
 +
#SERVERS="101.00.208.197 120.40.043.52 "
 +
set timeout 5 
 +
set host [lindex $argv 0]
 +
spawn ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub root@$host
 +
#ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub [email protected]
 +
expect {                 
 +
"*yes/no" { send "yes\r"; exp_continue} 
 +
"*password:" { send "P2xMGipLpSG7dA==\r" }     
 +
  
==参考==
+
expect eof
http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server
 
  
[[category:nginx]]
+
 
 +
用法
 +
./addkey  18.80.216.19 #这是你的IP
 +
</pre>
 +
 
 +
=on dovo=
 +
<pre>
 +
#!/usr/bin/expect
 +
#good on new kali  这个在新的kali 上是ok的
 +
set timeout 30
 +
set sshIP "4.88.1.2"
 +
set keypassword "ZdvV"
 +
set rootPassword "5D"
 +
#spawn ssh -o StrictHostKeyChecking=no -i /root/key  evan@$sshIP
 +
expect "Enter passphrase"
 +
send "$keypassword\r"
 +
expect "]$"
 +
send "sudo -i\r"
 +
expect "xxxxx"
 +
send "$rootPassword\r"
 +
expect "]#"
 +
## run command
 +
#send "cat /root/1  && echo 'test was ok .';exit\r"
 +
#send "bash /data/tmp/dbins  && echo 'dbins  was ok.';exit\r"
 +
#expect "52wan"
 +
#send "exit\r"
 +
#expect eof {exit 0}
 +
interact
 +
 
 +
 
 +
#!/usr/bin/expect
 +
# on old kali  这个在老的kali
 +
set timeout 30
 +
set sshIP "4.88.1.2"
 +
set keypassword "Zd"
 +
set rootPassword "5D"
 +
spawn ssh -o StrictHostKeyChecking=no -i /home/key  evan@$sshIP
 +
expect "Enter passphrase"
 +
send "$keypassword\r"
 +
expect "52wan"
 +
send "sudo -i\r"
 +
expect "password for 52wan:"
 +
send "$rootPassword\r"
 +
expect "]#"
 +
## run command
 +
#send "cat /root/1  && echo 'test was ok .';exit\r"
 +
#send "bash /data/tmp/dbins  && echo 'dbins  was ok.';exit\r"
 +
#expect "52wan"
 +
#send "exit\r"
 +
#expect eof {exit 0}
 +
interact
 +
 
 +
</pre>

2019年11月12日 (二) 09:51的版本

利用expect批量添加pubkey

多台添加pubkey

cat main 
#!/bin/bash
for ip   in `cat list` 

do 
#echo $ip
./addkey  $ip

done 



cat addkey 
#!/usr/local/bin/expect
 #define var
set timeout 17
# #<==接受第一个参数,赋值host
set host [lindex $argv 0]
set password "evan=="


#spawn
spawn ssh-copy-id  -i /home/evan/lx/ssh/opspub root@$host
#spawn ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub root@$host
#ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub [email protected]

#expect
expect {                  
 "*yes/no" { send "yes\r"; exp_continue}   
 "*password:" { send "$password\r" }       
 }  
#send  "exit\r"  
expect eof

cat list 
192.168.7.4
192.168.7.46

##上面用了copy-id  如果想用scp  etc 

    #!/usr/bin/expect    
    set timeout 5    
    set hostno [lindex $argv 0]    
    spawn scp ~/.ssh/id_dsa.pub impala$hostno:~/.ssh/pub_key    
    expect "*password*"    
    send "111111\r"    
    spawn ssh impala$hostno "cat ~/.ssh/pub_key/ >> ~/.ssh/authorized_keys"    
    expect "*password*"    
    send "111111\r"    
    spawn ssh impala$hostno "chmod 600 ~/.ssh/authorized_keys"    
    expect "*password*"    
    send "111111\r"    
    expect eof    

(3)分析:
set可以设置超时,或者设置一个变量的值
spawn是执行一个命令
expect等待一个匹配的输出流中的内容
send是匹配到之后向输入流写入的内容
[lindex $argv 0]表示脚本的第0个参数
expect eof表示读取到文件结束符

多台添加ssh安全(远程执行命令和退出)

 cat   run
#!/usr/local/bin/expect
 #define var
set timeout 17
set host [lindex $argv 0]
set password "evan=="

#spawn
spawn ssh root@$host

expect {

    "*#*" { send "sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/g' /etc/ssh/sshd_config\r";
send "sed -i 's/^PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config\r"
send "systemctl restart sshd\r"
	#send "\r"
    }
}
send  "exit\r"  
expect eof

cat main
#!/bin/bash
for ip   in `cat list` 

do 
#echo $ip
#./addkey  $ip
./run  $ip

done 

#run 
bash main

单个


vi addkey

#!/usr/local/bin/expect
#SERVERS="101.00.208.197 120.40.043.52 " 
set timeout 5   
set host [lindex $argv 0]
spawn ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub root@$host
#ssh-copy-id  -i /home/evan/.ssh/id_rsa.pub [email protected]
expect {                  
 "*yes/no" { send "yes\r"; exp_continue}   
 "*password:" { send "P2xMGipLpSG7dA==\r" }       
 }  

expect eof


用法 
	./addkey  18.80.216.19 #这是你的IP

on dovo

#!/usr/bin/expect
#good on new kali  这个在新的kali 上是ok的
set timeout 30
set sshIP "4.88.1.2"
set keypassword "ZdvV"
set rootPassword "5D"
#spawn ssh -o StrictHostKeyChecking=no -i /root/key  evan@$sshIP
expect "Enter passphrase"
send "$keypassword\r"
expect "]$"
send "sudo -i\r"
expect "xxxxx"
send "$rootPassword\r"
expect "]#"
## run command
#send "cat /root/1  && echo 'test was ok .';exit\r"
#send "bash /data/tmp/dbins   && echo 'dbins  was ok.';exit\r"
#expect "52wan"
#send "exit\r"
#expect eof {exit 0}
interact


#!/usr/bin/expect
# on old kali  这个在老的kali
set timeout 30
set sshIP "4.88.1.2"
set keypassword "Zd"
set rootPassword "5D"
spawn ssh -o StrictHostKeyChecking=no -i /home/key  evan@$sshIP
expect "Enter passphrase"
send "$keypassword\r"
expect "52wan"
send "sudo -i\r"
expect "password for 52wan:"
send "$rootPassword\r"
expect "]#"
## run command
#send "cat /root/1  && echo 'test was ok .';exit\r"
#send "bash /data/tmp/dbins   && echo 'dbins  was ok.';exit\r"
#expect "52wan"
#send "exit\r"
#expect eof {exit 0}
interact
取自“http://wiki.linuxchina.net/index.php?title=A_single_server_that_handles_both_HTTP_and_HTTPS_requests&oldid=2068