[SOLVED] Script to SSHand run some commands

getraj.12 · 10-31-2012, 04:10 PM

Hello Guys..

I am looking for a shell script to connect to servers and run some commands and copy the command O/P to a file on the local server and exit, Then move on to another server and do the same task.

Note : I do not have ssh password less authentication enabled for all the servers and I have 200 + servers to login.

I would appreciate a prompt response...

flirek · 10-31-2012, 07:46 PM

try: man expect

KenJackson · 10-31-2012, 11:19 PM

I just did this and it worked. (Pretend my remote server is named server.com.) The text file is written locally. Is this what you mean?

Code:

ssh server.com ls > server-ls.txt

Expect was necessary back in the days of telnet, but ssh is so flexible, you can do almost anything directly in a shell script once you have password-less logins working. It should be trivial to extend this to a loop with the server name in a variable.

In fact, some of my scripts have lines like this, where $SSH is either empty or "ssh server" so I can use the same script on the local and remote machines.

Code:

$EVAL $SSH VBoxManage controlvm $VM poweroff

Turbocapitalist · 11-01-2012, 07:48 AM

For the 200+ servers to log into, I would use key based authentication. Yes, the keys will have to be copied to each server individually, but once that is done they can be reused many times. You can leave the keys with a strong password and use an agent to help with authentication. That way you can enter the passphrase once and then use the key for many logins without having to reenter the passphrase.

Most distros have an agent available for you by default. If you run "set | grep SSH" and see SSH_AUTH_SOCK and SSH_AGENT_PID then you have an agent running and available. You can put it to use with a key using ssh-add.

KenJackson · 11-01-2012, 08:20 AM

Quote:

Originally Posted by getraj.12@gmail.com

Note : I do not have ssh password less authentication enabled for all the servers and I have 200 + servers to login.

Oops. I missed the not in that sentence.

I agree with Turbocapitalist. But I use keychain to store my key in memory. That is, the first time I login after a boot, I'm prompted for the passphrase that unlocks my SSH private key. Then the unlocked key is held in memory (even when I'm logged out) until the machine is rebooted or I kill the keychain process.

With that setup, I can use ssh and scp to access every host which I have previously added my public key to. The public key from the desktop in front of you, e.g. ~/.ssh/id_dsa.pub, must be appended to the ~/.ssh/authorized_keys file on all those servers. They're both text files.

Otherwise, maybe flirek's suggestion of expect was reasonable. It allows you to automate typing in a password.