注意事项:
一.config.sh中用户的密码不能少于8位(密码长度在login.sh中定义)
二.目录和文本的所属者、权限
三.若中转机到其它机器已配置无密码登陆,则无需在password.txt中添加对应记录
四.此次操作ssh使用默认的22端口;如端口有变更,请修改当前目录下ssh_config文件中定义的Port
操作如下:
1、创建用户office_user
useradd office_user
并修改 /etc/passwd 文件相关用户的信息 如下:
office_user:x:503:503::/home/office_user:/home/office_user/login.sh
2、权限设置,所有脚本均放在/home/office_user 目录下
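# Directory ownership: owner office_user, group root.
# The user:group form with a colon is the documented chown syntax; the dot
# separator is a legacy spelling.
chown office_user:root /home/office_user
# File ownership
chown office_user:root /home/office_user/*
chmod +x /home/office_user/*.sh
# config.sh and password.txt hold clear-text passwords, so restrict them to
# the owner. login.sh only reads them, so no execute bit is needed.
chmod 600 /home/office_user/config.sh /home/office_user/password.txt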
3、安装expect
yum -y install expect
4、文件介绍
config.sh 定义用户、密码、登陆ip,每行格式示例:zhuang qwe.1234 192.168.1.101|192.168.1.102
hostname.txt 记录服务器ip与主机名/功能用途,每行格式示例:192.168.1.101 test1/test2
login.sh 登陆脚本
logs.txt 记录登陆日志
password.txt 记录服务器ip与密码,每行格式示例:192.168.1.101 redhat123
ssh_config ssh协议设置
ssh.exp ssh登陆命令
5、脚本
(1)ssh.exp
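#!/usr/bin/expect
# ssh.exp -- open an interactive root SSH session to HOST, answering the
# password prompt when a password is supplied.
#
# Usage: ssh.exp HOST ?PASSWORD?
#
# NOTE(review): PASSWORD is passed in argv, so it is visible in the process
# list of the jump host while this script runs. Hosts reachable with key-based
# login can be called with HOST only, which avoids handling a password at all.

if {[llength $argv] < 1} {
    puts stderr "usage: ssh.exp host ?password?"
    exit 2
}

set host [lindex $argv 0]
set password [lindex $argv 1]   ;# empty string when only HOST was given

# Applies to the wait for the password prompt below; interact is not bounded
# by this value.
set timeout 86400

spawn ssh -F ssh_config root@$host

# Only wait for a prompt when there is a password to send. Without this guard
# a key-based login never prints "password:" and the session would sit in
# expect instead of reaching interact.
if {$password ne ""} {
    expect {
        "password:" {
            # "--" keeps a password that starts with "-" from being parsed
            # as a send option.
            send -- "$password\r"
        }
        timeout { exit 1 }
        eof     { exit 1 }
    }
}

interact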
(2)ssh_config
# $OpenBSD: ssh_config,v 1.23 2007/06/08 04:40:40 pvalchev Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
# Host *
# Defaults applied to every host this client connects to.
Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# Password authentication stays enabled because ssh.exp answers the
# "password:" prompt on the user's behalf.
PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
#BatchMode yes
# NOTE(review): CheckHostIP no turns off the additional check of the host's
# IP address against known_hosts.
CheckHostIP no
# AddressFamily any
# ConnectTimeout 10
# NOTE(review): with StrictHostKeyChecking no, ssh records unknown host keys
# in known_hosts without asking, so the first connection to a host is not
# verified before ssh.exp sends the root password. A safer setup is to
# pre-populate known_hosts from a trusted source and set this option to yes.
StrictHostKeyChecking no
# IdentityFile /home/xf/.ssh/sss
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# GSSAPIAuthentication no
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
# ForwardX11Trusted yes
# Send locale-related environment variables
# SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
# SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
# SendEnv LC_IDENTIFICATION LC_ALL
(3)login.sh
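#!/bin/bash
# login.sh -- menu-driven jump-host login, used as office_user's login shell.
#
# config.sh, hostname.txt, password.txt, ssh_config and ssh.exp are all opened
# by relative path, so the script must run from its own directory. Stop if the
# directory cannot be entered rather than continue in an unknown location.
cd -- "$(dirname -- "$0")" || exit 1
clear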
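#######################################
# Keep the login menu from being interrupted or suspended from the keyboard.
# The handler is a single space rather than an empty string: the shell
# catches the signals and does nothing, while child processes (ssh.exp)
# start with the default dispositions instead of inheriting "ignored".
# Signal names replace the numbers 2 3 20, because 20 is SIGTSTP on Linux
# only; on other systems that number is a different signal.
# Arguments: none
#######################################
trapper() {
  trap ' ' INT QUIT TSTP
}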
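#######################################
# Print the numbered list of servers, read a selection from stdin and open an
# SSH session to the chosen server through ./ssh.exp.
# Arguments: the server addresses offered to the logged-in user
# Files:     hostname.txt  (address ... label; the last field is shown)
#            password.txt  (address password)
#            /home/office_user/logs.txt (appended after a successful session)
# Returns:   status of the session/log step for a valid choice, 1 otherwise
#######################################
loginsvr() {
  local -a server=("$@")
  local -a cmd
  local i host name number pw

  for ((i = 0; i < ${#server[@]}; i++)); do
    host=${server[i]}
    # Exact comparison on the first field. A grep on the bare address treats
    # dots as wildcards and also matches longer addresses (…1.10 vs …1.101).
    # The "" concatenation forces a string comparison in awk.
    name=$(awk -v h="$host" '($1 "") == (h "") { print $NF; exit }' hostname.txt)
    printf '\t\033[0m[\033[36m%s\033[0m] login server %s %s\n' "$i" "$host" "$name"
  done
  printf '\r\n\n'
  printf 'please select login server number:'
  # A failed read means stdin is gone; leave instead of redrawing forever.
  read -r number || exit 1

  for ((i = 0; i < ${#server[@]}; i++)); do
    # Plain string comparison: the typed value is never evaluated.
    [[ "$number" == "$i" ]] || continue
    host=${server[i]}
    pw=$(awk -v h="$host" '($1 "") == (h "") { print $2; exit }' password.txt)
    # Always pass the host; add the password only when password.txt has one,
    # so hosts set up for password-less login are still reachable.
    # NOTE(review): the password travels in argv and is visible in the
    # process list while ssh.exp runs.
    cmd=(./ssh.exp "$host")
    [[ -n "$pw" ]] && cmd+=("$pw")
    if "${cmd[@]}"; then
      # The log line carries the host only; passwords must not reach logs.txt.
      echo "$host login sucess" >>/home/office_user/logs.txt
    fi
    return
  done
  return 1
}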
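# Root shortcut: "login.sh HOST" looks up HOST in password.txt and connects
# directly, skipping the user/password menu.
if [[ "$(whoami)" == root ]]; then
  target=${1-}
  password=
  if [[ -n "$target" ]]; then
    # Exact comparison on the first field; an unquoted grep on the argument
    # treats it as a pattern and can pick up more than one line.
    password=$(awk -v h="$target" '($1 "") == (h "") { print $NF; exit }' password.txt)
  fi
  if [[ -z "$password" ]]; then
    echo password error
    # Report the failure to the caller instead of exiting with status 0.
    exit 1
  fi
  # NOTE(review): the password travels in argv and is visible in the process
  # list while ssh.exp runs.
  ./ssh.exp "$target" "$password"
  exit
fi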
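# Interactive login loop for non-root users: ask for a user name and password,
# check them against config.sh (one "user password host|host|..." entry per
# line) and, on success, show that user's server menu until the session ends.
#
# NOTE(review): config.sh stores the passwords in clear text; keep the file
# readable by its owner only.
while :; do
  trapper
  printf 'Please enter login user:'
  # A failed read means stdin is gone; leave instead of spinning.
  read -r user || exit 1

  # Look the account up by exact comparison on the first field. The typed
  # name is never used as a search pattern, so it cannot match part of
  # another entry.
  userinfo=()
  if [[ -n "$user" ]]; then
    while read -r cfg_user cfg_pass cfg_hosts _ || [[ -n "$cfg_user" ]]; do
      if [[ "$cfg_user" == "$user" ]]; then
        userinfo=("$cfg_user" "$cfg_pass" "$cfg_hosts")
        break
      fi
    done <config.sh
  fi

  if ((${#userinfo[@]} > 0)); then
    printf 'Please enter password:'
    # read -s suppresses echo and leaves the terminal state to bash, so no
    # stty call can fail part-way through the check.
    read -r -s passwd || exit 1

    if ((${#passwd} < 8)); then
      printf '\r\n\n'
      continue
    fi

    # Rejection is an explicit branch. In an && chain, a failing step before
    # "continue" (terminal restore, log write, or a test on an empty stored
    # password) lets execution fall through to the success path.
    if [[ "$passwd" != "${userinfo[1]}" ]]; then
      echo ""
      echo "$(date '+%Y-%m-%d %H:%M:%S')-- ${userinfo[0]} login fail" >>/home/office_user/logs.txt
      continue
    fi

    echo "$(date '+%Y-%m-%d %H:%M:%S')-- ${userinfo[0]} login sucess" >>/home/office_user/logs.txt
    printf '\r\n\n'
    clear

    # Split the host|host|... field into separate menu entries.
    IFS='|' read -r -a hosts <<<"${userinfo[2]}"
    while :; do
      printf 'Hello %s,Today is %s\n\n' "${userinfo[0]}" "$(date +%T)"
      loginsvr "${hosts[@]}"
    done
  fi
  clear
done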