[openssl-users] updating list of server account password
MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
andreas.magana.ctr at us.af.mil
Mon Apr 6 18:11:27 UTC 2015
What does the ${ip} mean?
//SIGNED//
Andy Magaña
UNIX Systems Administrator
Diligent Contractor, 72nd Air Base Wing
Tinker Air Force Base, Oklahoma
Commercial: (405) 734-0341
-----Original Message-----
From: mike nicholas [mailto:xmikenicholasx at gmail.com]
Sent: Monday, April 06, 2015 10:58 AM
To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
Cc: ESRY JR. DON; openssl-users at openssl.org; Matt Zagrabelny
Subject: Re: updating list of server account password
Try something like this:
my $exp = new Expect;
$exp->log_stdout(1);
$username = "XXXXXX";
$exp->spawn( "ssh -l ${username} ${ip} " ) or die "cannot spawn $command: $! \n";
$exp->log_file("./${log_dir}/$ip\_info.log");
print "\nspawning ssh connection to $ip on $time\n\n";
$exp->log_file->print( "\nspawning ssh connection to $ip on $time\n\n" );
$exp->expect(8,
[ 'connecting' => sub { $exp->send("yes \n"); exp_continue; } ],
[ 'assword:' => sub { $exp->send("$pw\n"); exp_continue; } ],
[ '-re', '> ?$' => sub { break; }],
[ 'try again' => sub { die " died from bad password.\n"; }],
[ 'refused' => sub { die " died from connection refused.\n"; exp_continue; } ],
[ eof => sub { die " died from eof.\n"; }],
[ timeout => sub { $exp->hard_close(); }],
);
On Mon, Apr 6, 2015 at 10:52 AM, MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT <andreas.magana.ctr at us.af.mil> wrote:
//SIGNED//
Andy Magaña
UNIX Systems Administrator
Diligent Contractor, 72nd Air Base Wing
Tinker Air Force Base, Oklahoma
Commercial: (405) 734-0341 <tel:%28405%29%20734-0341>
-----Original Message-----
From: mike nicholas [mailto:xmikenicholasx at gmail.com]
Sent: Monday, April 06, 2015 10:48 AM
To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
Cc: ESRY JR. DON; openssl-users at openssl.org; Matt Zagrabelny
Subject: Re: updating list of server account password
So the else if will only run if the first if is not true, that doesn't seem right,.
On Apr 3, 2015 2:52 PM, "MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT" <andreas.magana.ctr at us.af.mil> wrote:
Hello Mike, Don and Matt,
At the point I am at this list of servers in my script I would really need someone with more experience to see if I even have the right scripting.
#!/usr/bin/perl
use strict;
use Expect;
my $timeout = 60;
my @servers = qw(
remotehost03
remotehost04
remotehost05
remotehost06
);
for my $server (@servers) {
# do your thing with $server
change_password($server);
}
sub change_password {
my $system = shift;
my $filename = "/var/tmp/expect_script.log";
my $ssh = Expect->new('ssh amagana@' . $system);
$ssh->debug(1);
$ssh->expect ( $timeout,
[ qr/Password:/],
[ qr/Are you sure you want to continue connecting \(yes\/no\)?/]
);
if ($ssh->match() =~ m/Are you sure you want to continue connecting \(yes\/no\)?/ ) {
$ssh->send("yes\r");
}
elsif ($ssh->match() =~ m/Password:/ ) {
$ssh->send("mypassword\n");
}
#$ssh->log_file($filename, 'w');
$ssh->expect(60, '$');
$ssh->send("su - root\n");
$ssh->expect(60, 'Password:');
$ssh->send("rootpassword\n");
$ssh->expect(60, '#');
$ssh->send("passwd amagana\n");
$ssh->expect(60, 'New Password:');
$ssh->send("mynewpassword\n");
$ssh->expect(60, 'Re-enter new Password:');
$ssh->send("mynewpassword\n");
$ssh->expect(60, '#');
$ssh->close();
Mike,
If that does not seem right what can I change it to make it right?
Respectfully,
#!/usr/bin/perl
use strict;
use Expect;
my $timeout = 60;
my $filename = "/var/tmp/expect_script.log";
my $ssh = Expect->new('ssh amagana at remotehost');
$ssh->debug(1);
$ssh->expect ( $timeout,
[ qr/Password:/],
[ qr/Are you sure you want to continue connecting \(yes\/no\)?/]
);
if ($ssh->match() =~ m/Are you sure you want to continue connecting \(yes\/no\)?/ ) {
$ssh->send("yes\r");
}
elsif ($ssh->match() =~ m/Password:/ ) {
$ssh->send("mypassword\n");
}
#$ssh->log_file($filename, 'w');
$ssh->expect(60, '$');
$ssh->send("su - root\n");
$ssh->expect(60, 'Password:');
$ssh->send("rootpassword\n");
$ssh->expect(60, '#');
$ssh->send("passwd amagana\n");
$ssh->expect(60, 'New Password:');
$ssh->send("mynewpassword\n");
$ssh->expect(60, 'Re-enter new Password:');
$ssh->send("mynewpassword\n");
$ssh->expect(60, '#');
$ssh->close();
//SIGNED//
Andy Magaña
UNIX Systems Administrator
Diligent Contractor, 72nd Air Base Wing
Tinker Air Force Base, Oklahoma
Commercial: (405) 734-0341
-----Original Message-----
From: mike nicholas [mailto:xmikenicholasx at gmail.com]
Sent: Wednesday, April 01, 2015 9:46 AM
To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
Cc: ESRY JR., DON; Matt Zagrabelny; expectperl-discuss at lists.sourceforge.net
Subject: Re: [Expectperl-discuss] expect.pm not updating password
Try something like this:
my $exp = new Expect;
$exp->log_stdout(1);
$username = "XXXXXX";
$exp->spawn( "ssh -l ${username} ${ip} " ) or die "cannot spawn $command: $! \n";
$exp->log_file("./${log_dir}/$ip\_info.log");
print "\nspawning ssh connection to $ip on $time\n\n";
$exp->log_file->print( "\nspawning ssh connection to $ip on $time\n\n" );
$exp->expect(8,
[ 'connecting' => sub { $exp->send("yes \n"); exp_continue; } ],
[ 'assword:' => sub { $exp->send("$pw\n"); exp_continue; } ],
[ '-re', '> ?$' => sub { break; }],
[ 'try again' => sub { die " died from bad password.\n"; }],
[ 'refused' => sub { die " died from connection refused.\n"; exp_continue; } ],
[ eof => sub { die " died from eof.\n"; }],
[ timeout => sub { $exp->hard_close(); }],
);
On Wed, Apr 1, 2015 at 9:24 AM, MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT <andreas.magana.ctr at us.af.mil> wrote:
Now that I have a working script and thanks very much to you Matt and Don,
I am trying to put in my script an if else because sometimes my script will encounter this :
Are you sure you want to continue connecting (yes/no)?')
what I did create are some variables is this correct and may I see an example if statement so that the script can make a decision and keep going?
use Expect;
my $knownhost = $ssh->expect(60, 'Are you sure you want to continue connecting (yes/no)?');
my $answer = $ssh->send("yes\n");
my $filename = "/var/tmp/expect_script.log";
//SIGNED//
Andy Magaña
UNIX Systems Administrator
Diligent Contractor, 72nd Air Base Wing
Tinker Air Force Base, Oklahoma
Commercial: (405) 734-0341 <tel:%28405%29%20734-0341> <tel:%28405%29%20734-0341> <tel:%28405%29%20734-0341>
-----Original Message-----
From: ESRY JR., DON [mailto:de3253 at att.com]
Sent: Tuesday, March 31, 2015 4:16 PM
To: Matt Zagrabelny; MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
Cc: expectperl-discuss at lists.sourceforge.net
Subject: RE: [Expectperl-discuss] expect.pm not updating password
I think you will want a log file to identify where the script failed.
I recommend that you take out the 'w' from the $ssh->log_file($filename, 'w'); so it will append to the file rather than over writing it for each server.
And then put in some sort of header for each server, something like:
my $header = "\n\n======= $system =======\n"; $ssh->print_log_file($header);
Or if you prefer a separate file for each server, then my $filename = "/var/tmp/expect_script_". $system ".log";
little stuff like this can be very frustrating.
-----Original Message-----
From: Matt Zagrabelny [mailto:mzagrabe at d.umn.edu]
Sent: Tuesday, March 31, 2015 4:56 PM
To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
Cc: expectperl-discuss at lists.sourceforge.net
Subject: Re: [Expectperl-discuss] expect.pm not updating password
On Tue, Mar 31, 2015 at 3:37 PM, MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT <andreas.magana.ctr at us.af.mil> wrote:
> Thank you Matt,
>
> I just don't know how to put it in a working way I learn by examples I
> am a novice on perl and the modules.
Maybe spend a day or two writing some basic perl programs so you feel more comfortable with this stuff. I'm sure there are truckloads of perl tutorials out there.
I added some context below. You'll need to clean up the leading '>' characters.
-m
>
> #!/usr/bin/perl
> use strict;
>
> use Expect;
>
> # my @servers = qw(
> # server1.example.net
> # server2.example.net
> # server3.example.net
> # server4.example.net
> # server5.example.net
> # );
> #
> # for my $server (@servers) {
> # # do your thing with $server
change_password($server);
> # }
>
sub change_password {
my $system = shift;
my $filename = "/var/tmp/expect_script.log";
my $ssh = Expect->new('ssh amagana@' . $system);
> $ssh->debug(1);
> $ssh->log_file($filename, 'w');
> $ssh->expect(60, 'Password:');
> $ssh->send("mycurrentpassword\n");
> $ssh->expect(60, '$');
> $ssh->send("su - root\n");
> $ssh->expect(60, 'Password:');
> $ssh->send("myrootpassword\n");
> $ssh->expect(60, '#');
> $ssh->send("passwd amagana\n");
> $ssh->expect(60, 'New Password:');
> $ssh->send("mynewpassword\n");
> $ssh->expect(60, 'Re-enter new Password:');
> $ssh->send("mynewpassword\n"); $ssh->expect(60, '#');
> $ssh->send("exit\n"); $ssh->close();
}
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Expectperl-discuss mailing list
Expectperl-discuss at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/expectperl-discuss
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Expectperl-discuss mailing list
Expectperl-discuss at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/expectperl-discuss
More information about the openssl-users
mailing list