[openssl-users] updating list of server account password
Salz, Rich
rsalz at akamai.com
Mon Apr 6 21:40:22 UTC 2015
Perhaps you don't want to post this kind of thing to a global mailing list for all users of openssl?
--
Senior Architect, Akamai Technologies
IM: richsalz at jabber.at Twitter: RichSalz
> -----Original Message-----
> From: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
> [mailto:andreas.magana.ctr at us.af.mil]
> Sent: Monday, April 06, 2015 11:53 AM
> To: mike nicholas
> Cc: openssl-users at openssl.org; ESRY JR. DON; Matt Zagrabelny
> Subject: Re: [openssl-users] updating list of server account password
>
>
>
> //SIGNED//
>
> Andy Magaña
> UNIX Systems Administrator
> Diligent Contractor, 72nd Air Base Wing
> Tinker Air Force Base, Oklahoma
> Commercial: (405) 734-0341
>
>
> -----Original Message-----
> From: mike nicholas [mailto:xmikenicholasx at gmail.com]
> Sent: Monday, April 06, 2015 10:48 AM
> To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
> Cc: ESRY JR. DON; openssl-users at openssl.org; Matt Zagrabelny
> Subject: Re: updating list of server account password
>
> So the else if will only run if the first if is not true, that doesn't seem right,.
>
> On Apr 3, 2015 2:52 PM, "MAGANA, ANDREAS S I CTR USAF AFMC 72
> ABW/SCOOT" <andreas.magana.ctr at us.af.mil> wrote:
>
>
> Hello Mike, Don and Matt,
>
> At the point I am at this list of servers in my script I would really need
> someone with more experience to see if I even have the right scripting.
>
>
> #!/usr/bin/perl
> use strict;
>
> use Expect;
>
> my $timeout = 60;
>
> my @servers = qw(
> remotehost03
> remotehost04
> remotehost05
> remotehost06
> );
>
>
> for my $server (@servers) {
> # do your thing with $server
>
> change_password($server);
>
> }
>
> sub change_password {
> my $system = shift;
>
> my $filename = "/var/tmp/expect_script.log";
> my $ssh = Expect->new('ssh amagana@' . $system);
>
>
> $ssh->debug(1);
> $ssh->expect ( $timeout,
> [ qr/Password:/],
> [ qr/Are you sure you want to continue connecting \(yes\/no\)?/]
> );
>
> if ($ssh->match() =~ m/Are you sure you want to continue
> connecting \(yes\/no\)?/ ) {
> $ssh->send("yes\r");
> }
>
> elsif ($ssh->match() =~ m/Password:/ ) {
> $ssh->send("mypassword\n");
> }
>
>
> #$ssh->log_file($filename, 'w');
> $ssh->expect(60, '$');
> $ssh->send("su - root\n");
> $ssh->expect(60, 'Password:');
> $ssh->send("rootpassword\n");
> $ssh->expect(60, '#');
> $ssh->send("passwd amagana\n");
> $ssh->expect(60, 'New Password:');
> $ssh->send("mynewpassword\n");
> $ssh->expect(60, 'Re-enter new Password:');
> $ssh->send("mynewpassword\n");
> $ssh->expect(60, '#');
> $ssh->close();
>
>
>
>
>
>
>
>
>
>
> Mike,
>
> If that does not seem right what can I change it to make it right?
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> Respectfully,
>
>
> #!/usr/bin/perl
> use strict;
>
> use Expect;
> my $timeout = 60;
> my $filename = "/var/tmp/expect_script.log";
> my $ssh = Expect->new('ssh amagana at remotehost');
>
> $ssh->debug(1);
> $ssh->expect ( $timeout,
> [ qr/Password:/],
> [ qr/Are you sure you want to continue connecting \(yes\/no\)?/]
> );
>
> if ($ssh->match() =~ m/Are you sure you want to continue
> connecting \(yes\/no\)?/ ) {
> $ssh->send("yes\r");
> }
>
> elsif ($ssh->match() =~ m/Password:/ ) {
> $ssh->send("mypassword\n");
> }
>
>
> #$ssh->log_file($filename, 'w');
> $ssh->expect(60, '$');
> $ssh->send("su - root\n");
> $ssh->expect(60, 'Password:');
> $ssh->send("rootpassword\n");
> $ssh->expect(60, '#');
> $ssh->send("passwd amagana\n");
> $ssh->expect(60, 'New Password:');
> $ssh->send("mynewpassword\n");
> $ssh->expect(60, 'Re-enter new Password:');
> $ssh->send("mynewpassword\n");
> $ssh->expect(60, '#');
> $ssh->close();
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> //SIGNED//
>
> Andy Magaña
> UNIX Systems Administrator
> Diligent Contractor, 72nd Air Base Wing
> Tinker Air Force Base, Oklahoma
> Commercial: (405) 734-0341
>
>
> -----Original Message-----
> From: mike nicholas [mailto:xmikenicholasx at gmail.com]
> Sent: Wednesday, April 01, 2015 9:46 AM
> To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
> Cc: ESRY JR., DON; Matt Zagrabelny; expectperl-
> discuss at lists.sourceforge.net
> Subject: Re: [Expectperl-discuss] expect.pm not updating password
>
> Try something like this:
>
> my $exp = new Expect;
>
> $exp->log_stdout(1);
>
> $username = "XXXXXX";
>
> $exp->spawn( "ssh -l ${username} ${ip} " ) or die "cannot spawn
> $command: $! \n";
>
> $exp->log_file("./${log_dir}/$ip\_info.log");
>
> print "\nspawning ssh connection to $ip on $time\n\n";
>
> $exp->log_file->print( "\nspawning ssh connection to $ip on
> $time\n\n" );
>
> $exp->expect(8,
>
> [ 'connecting' => sub { $exp->send("yes \n"); exp_continue; } ],
>
> [ 'assword:' => sub { $exp->send("$pw\n"); exp_continue; } ],
>
> [ '-re', '> ?$' => sub { break; }],
>
> [ 'try again' => sub { die " died from bad password.\n"; }],
>
> [ 'refused' => sub { die " died from connection refused.\n";
> exp_continue; } ],
>
> [ eof => sub { die " died from eof.\n"; }],
>
> [ timeout => sub { $exp->hard_close(); }],
>
> );
>
>
> On Wed, Apr 1, 2015 at 9:24 AM, MAGANA, ANDREAS S I CTR USAF
> AFMC 72 ABW/SCOOT <andreas.magana.ctr at us.af.mil> wrote:
>
>
> Now that I have a working script and thanks very much to you
> Matt and Don,
>
> I am trying to put in my script an if else because sometimes my
> script will encounter this :
>
> Are you sure you want to continue connecting (yes/no)?')
>
>
>
> what I did create are some variables is this correct and may I see
> an example if statement so that the script can make a decision and keep
> going?
>
> use Expect;
> my $knownhost = $ssh->expect(60, 'Are you sure you want to
> continue connecting (yes/no)?');
> my $answer = $ssh->send("yes\n");
> my $filename = "/var/tmp/expect_script.log";
>
>
>
> //SIGNED//
>
> Andy Magaña
> UNIX Systems Administrator
> Diligent Contractor, 72nd Air Base Wing
> Tinker Air Force Base, Oklahoma
> Commercial: (405) 734-0341 <tel:%28405%29%20734-0341>
> <tel:%28405%29%20734-0341>
>
> -----Original Message-----
> From: ESRY JR., DON [mailto:de3253 at att.com]
> Sent: Tuesday, March 31, 2015 4:16 PM
> To: Matt Zagrabelny; MAGANA, ANDREAS S I CTR USAF AFMC 72
> ABW/SCOOT
> Cc: expectperl-discuss at lists.sourceforge.net
>
> Subject: RE: [Expectperl-discuss] expect.pm not updating
> password
>
> I think you will want a log file to identify where the script failed.
>
> I recommend that you take out the 'w' from the $ssh-
> >log_file($filename, 'w'); so it will append to the file rather than over writing
> it for each server.
>
> And then put in some sort of header for each server, something
> like:
> my $header = "\n\n======= $system =======\n"; $ssh-
> >print_log_file($header);
>
> Or if you prefer a separate file for each server, then my
> $filename = "/var/tmp/expect_script_". $system ".log";
>
> little stuff like this can be very frustrating.
>
>
> -----Original Message-----
> From: Matt Zagrabelny [mailto:mzagrabe at d.umn.edu]
> Sent: Tuesday, March 31, 2015 4:56 PM
> To: MAGANA, ANDREAS S I CTR USAF AFMC 72 ABW/SCOOT
> Cc: expectperl-discuss at lists.sourceforge.net
> Subject: Re: [Expectperl-discuss] expect.pm not updating
> password
>
> On Tue, Mar 31, 2015 at 3:37 PM, MAGANA, ANDREAS S I CTR
> USAF AFMC 72 ABW/SCOOT <andreas.magana.ctr at us.af.mil> wrote:
> > Thank you Matt,
> >
> > I just don't know how to put it in a working way I learn by
> examples I
> > am a novice on perl and the modules.
>
> Maybe spend a day or two writing some basic perl programs so
> you feel more comfortable with this stuff. I'm sure there are truckloads of
> perl tutorials out there.
>
> I added some context below. You'll need to clean up the leading
> '>' characters.
>
> -m
>
>
> >
> > #!/usr/bin/perl
> > use strict;
> >
> > use Expect;
> >
> > # my @servers = qw(
> > # server1.example.net
> > # server2.example.net
> > # server3.example.net
> > # server4.example.net
> > # server5.example.net
> > # );
> > #
> > # for my $server (@servers) {
> > # # do your thing with $server
>
> change_password($server);
>
> > # }
> >
>
> sub change_password {
> my $system = shift;
>
> my $filename = "/var/tmp/expect_script.log";
> my $ssh = Expect->new('ssh amagana@' . $system);
>
>
> > $ssh->debug(1);
> > $ssh->log_file($filename, 'w');
> > $ssh->expect(60, 'Password:');
> > $ssh->send("mycurrentpassword\n");
> > $ssh->expect(60, '$');
> > $ssh->send("su - root\n");
> > $ssh->expect(60, 'Password:');
> > $ssh->send("myrootpassword\n");
> > $ssh->expect(60, '#');
> > $ssh->send("passwd amagana\n");
> > $ssh->expect(60, 'New Password:');
> > $ssh->send("mynewpassword\n");
> > $ssh->expect(60, 'Re-enter new Password:');
> > $ssh->send("mynewpassword\n"); $ssh->expect(60, '#');
> > $ssh->send("exit\n"); $ssh->close();
>
> }
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel
> Website, sponsored
> by Intel and developed in partnership with Slashdot Media, is
> your hub for all
> things parallel software development, from weekly thought
> leadership blogs to
> news, videos, case studies, tutorials and more. Take a look and
> join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Expectperl-discuss mailing list
> Expectperl-discuss at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/expectperl-discuss
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming The Go Parallel
> Website, sponsored
> by Intel and developed in partnership with Slashdot Media, is
> your hub for all
> things parallel software development, from weekly thought
> leadership blogs to
> news, videos, case studies, tutorials and more. Take a look and
> join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Expectperl-discuss mailing list
> Expectperl-discuss at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/expectperl-discuss
>
>
>
>
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
More information about the openssl-users
mailing list