[SOLVED] Bash Script to push ssh keys to more than one server.

vwtech · 02-14-2014, 04:43 PM

I would like to push ssh keys to multiple servers.
The passphase (first part of it) needs be last 2 characters of the hostname that I'm attempting to push the key to and 7 other characters (second part) from a file.

Below is the script I made (new to creating scripts):

#!/bin/bash
#Purpose of script is to push ssh key to multiple servers.
#Update/create file that contains the list of hostnames that need keys pushed to them.
#PART1 has piece of the passphrase.-Review this variable.
#PART2 has second piece of the passphrase.-Change as needed.
#Example: ./script.sh hostlist.txt hostlist.log

if [ $# -ne 2 ]
then
echo "You forgot the hostlist & log file your going to use-try again."
exit

TEMP=./temp
PART1=`cat $TEMP`
PART2=`cat ./second`
PWD=$PART1$PART2
WORD=./word

for X in `cat $1`
do
echo $X| awk -F. '{print $1}'| egrep -o .{2}$ > $TEMP
echo $PWD > $WORD
sshpass -f $WORD ssh-copy-id root@$X
done | tee $2
exit 0

Any assistance would be helpful

Firerat · 02-14-2014, 06:51 PM

First if, PWD is a bad choice, since it is a default environment variable
( print working directory )

When scripting is is common practice to avoid using FULL CAPS,

In your for loop, you don't seem to use TEMP after you write it
You use it for PART1, earlier, but no need for it to be on disk,,

Here,

Code:

oIFS="$IFS" # store original internal field sep.
IFS="." # new IFS

while read hostname junkwedontneed;do
    rm "$WoRd"
    touch "$WoRd"
    chmod 600 "$WoRd"
    echo ${hostname:(-2)}${PART2} >> $WoRd
    .. ssh stuff here ..
done <$1   
IFS="$oIFS"
unset oIFS

Still has security issues, since someone can 'see' the echo command writing the passwd to file

vwtech · 02-14-2014, 08:25 PM

Didn't understand what I should place in the "junkwedontneed" area but this is what I understood from your response...probably way off.

Why direct my argument which is the file with the hostnames to "done"- totally lost me on that one.

Code:

PART2=`cat ./second`
WoRD=./word

oIFS="$IFS" # store original internal field sep.
IFS="." # new IFS

while read hostname;do
    rm "$WoRd"
    touch "$WoRd"
    chmod 600 "$WoRd"
    echo ${hostname:(-2)}${PART2} >> $WoRd
    sshpass -f $WoRD ssh-copy-id root@$X
done <$1
IFS="$oIFS"
unset oIFS

Ran the code above and got errors saying:
rm: cannot remove `': No such file or directory
touch: cannot touch `': No such file or directory
chmod: cannot access `': No such file or directory

Even though when I list my current directory I see the file, I'll like ...wtf.

Reading the "Linux Command Line and Shell Scripting -Bible" only understood 50% of your response. For the chapters I've read, my orginial script "should" have worked great. I have been attempting to write this script for a week. Personally frustrated to the hilt (I know not anyones problem but mine); Thanks for your response.

Firerat · 02-15-2014, 01:05 AM

My fault, check the cAsE

The junkwedo... is just a 'placeholder'

Consider this

Code:

 oIFS=$IFS
IFS=.
echo var1.var2.var3|while read keep discard;do
    echo $keep;echo this is junk $discard
done
IFS=$oIFS

I did it like that so it was 'less work' with the. bash string manipulation

Code:

Lasttwochar=${hostname%%.*}
Lasttwochar=${Lasttwochar:(-2)}

I just dislike doing that

Regards the redirection

You are not sending it to done, you are sending it to while read

Going back to the case problem
I use vim, when I start typing the variable name out, I do ctrl+p
This then completes the var ( of any word ) or presents a list,
saves many a typo ( unlike silly software keyboards on phone/tablets)
Only usefull if you use vim,
I guess emacs has something similar

vwtech · 02-15-2014, 01:50 PM

I know when to say uncle on something, that I can't do. I'm not advanced enough with scripting to decipher your last response. Trying to get this to work to avoid manually typing the passphrase 60 times but at this point, and at this time it's the only way. My original script didn't work; I either don't understand what I read or using wrong syntax.

PHP Code:



temp=./temp 
part1=`cat $TEMP` 
part2=`cat ./second` 
pwdd=$PART1$PART2 
word=./word 
 
for X in `cat $1` 
do 
echo $X| awk -F. '{print $1}'| egrep -o .{2}$ > $temp 
echo $pwdd > $word 
sshpass -f $word ssh-copy-id root@$X 
done | tee $2 
exit 0

I'm trying to have it read a list of hostnames, but only take the last two characters from each one, write that to $TEMP, then take both the output from $PART1 and $PART2 to the file ./word, then use whats in ./word as the password, then go to the next name in the list and do the same thing over again.

I think I need to get my original script to work, then move on to more complex/shorter way of doing the same task.
That way I'm not confused and can fully understand way commands are doing.

Firerat · 02-15-2014, 02:09 PM

PHP Code:



temp=./temp
word=./word
part2=`cat ./second`

for X in `cat $1`
do
echo $X| awk -F. '{print $1}'| egrep -o .{2}$ > $temp

part1=`cat $temp`
# inside the loop, since these 'change' depending on loop 'value'
pwdd=$part1$part2

echo $pwdd > $word
sshpass -f $word ssh-copy-id root@$X
done | tee $2
exit 0

You have to reset a variable if you change a variable/file it 'uses'
Also, you had CaSe issues, they need to match

That script should work now, but it has many bad habits in it

A good introduction,
http://mywiki.wooledge.org/BashGuide

vwtech · 02-15-2014, 07:24 PM

Wow, it actually works now

I didn't know you could change varibles within the for loop area.
I'll be sure to write some random data over all three files used before deleting them. I'll but that in the script so it doesn't get forgotten. Will also be reviewing the link you provided.
Thank you (This tread can be considered closed).