Poor Man's Expect SSO
- Tags:
The second script is merely for the completeness of this example the primary focus is how to use expect to repeatedly enter a password at an SSH prompt generated by some repeated task being performed via SSH. Obviously using loops and automatic password entry could allow you to break a large number of machines very quickly and encoding your password into a file is a security issue so use at your own risk and with some common sense...
#!/usr/bin/expect -f # Title: poor_mans_expect_SSO.exp # Author: Philip Mather # Version: 0.5 # Notes: Basically just a wrapper script for any other script that uses SSH to repeatedly login to servers. spawn ./interesting_action_over_ssh.sh set timeout 600 expect "*?assword:*" { send "MySuperPassword\r" exp_continue }
...and this is an example of the sort of script that iterates over servers doing some task that Expect can handle...
#!/bin/bash # Title: interesting_action_over_ssh.sh # Author: Philip Mather # Version: 0.5 # Notes: Just an example script. server="webserver01 webserver02 webserver03" for i in ${servers} do ssh -o StrictHostKeyChecking=no someluser@${i} "find /etc/ -type f 2> /dev/null | xargs sudo md5sum" > ./results/${i}.md5results done for i in ${servers} do diff --suppress-common-lines --side-by-side results/webserver01.results results/${i}.results done
