I want to write a shell script where user interaction is not allowed and I want to use sftp login with in the script. Now I have few challenges to execute this approach.
There is no user interaction so I can only provide the options as a argument while executing the script. Script can be like this.
#!/bin/bash
if [[ "${#}" -lt 4 ]]; then
echo -e "Usage: ${0} <sftpUser> <sftpPassword> <sftpHost> <sftpPort>"
exit 1
fi
sftpUser=${1}
sftpPassword=${2}
sftpHost=${3}
sftpPort=${4}
remote_dir="/home/vagrant"
source_dir="/home/vagrant/sftpDir"
sftpFile="/tmp/tempfile"
echo "cd ${remote_dir}" >> ${sftpFile}
echo "mget * ${source_dir}" >> ${sftpFile}
echo "quit" >> ${sftpFile}
expect -c "
spawn sftp -P ${sftpPort} -o "BatchMode=no" -b "${sftpFile}" ${sftpUser}#${sftpHost}
expect -nocase \"*Password:\" { send \"${sftpPassword}\r\"; interact }
"
rm -rf ${sftpFile}
$ ./shellscript.sh user1 password#123 192.168.0.1 22
Here, we need to provide the argument with the script itself and here we are using the plain text format for password password#123
How can we use the encrypted password in the argument as this can be a risk to expose the password?
Is there any other approach to execute this scenario?
I am not able to find any approach to pass the encrypted password with SFTP login.
Related
I have list of filenames in a text file,need to transfer each file into server using scp command.I am reading filenames from Read.sh and passing each file name to transfer.sh script but scp is not executing command in this transfer script.If I run transfer.sh alone with passing args its working fine.
List.txt
/home/kittu/file1.txt
/home/kittu/file2.txt
/home/kittu/file3.txt
Read.sh
#!/bin/bash
while read p; do
echo $p
./transfer.sh "$p"
done <List.txt
transfer.sh
#!/usr/bin/expect -f
# get filename from command-line
set f [lindex $argv 0]
spawn scp "$f" user#192.168.4.151:/home/user/Desktop/
expect "password"
send "123\r"
interact
I just run Read.sh as
>./Read.sh
Output:
/home/user/Desktop/file1.txt
spawn scp /home/mbox140/Desktop/test.sh mbox140#192.168.4.151:/home/mbox140/Desktop/videos/
user#192.168.4.151's password:
Its not executing next statement.Please suggest me any solution.
Try the below script , The changes are that the Transfer.sh is wrapped into bash.sh.
and the reason it waits in the password may be because you are expecting a wrong pattern , try "Password" instead of "password" and after send command, expect for the terminal pattern so that the scp finishes
#!/bin/bash
while read p; do
echo $p
{
/usr/bin/expect << EOF
spawn scp $p user#192.168.4.151:/home/user/Desktop/
expect "Password"
send "123\r"
expect "*#*"
EOF
}
done <List.txt
I have the following script:
#!/bin/bash
echo -n "Enter user name: "
read USER
echo -n "Enter password: "
read -s PWD
cat $HOME/etc/switches.txt | while read IP SWITCH
do
echo ${SWITCH}
/usr/bin/expect <<EOD
# Change to 1 to Log to STDOUT
log_user 1
# Change to 1 to enable verbose debugging
exp_internal 1
# Set timeout for the script
set timeout 20
spawn ssh -l {$USER} -oCheckHostIP=no -oStrictHostKeyChecking=no -q $IP
match_max [expr 32 * 1024]
expect "Password:"
send $PWD
send "\n"
expect "#"
send "show fcip summary | grep TRNK\n"
EOD
echo
done
When I run it, the backslash in the username disappears, giving these result:
Enter user name: corp\user
Enter password:
=== ss3303-m-esannw-m01a ===
spawn ssh -l corpuser -oCheckHostIP=no -oStrictHostKeyChecking=no -q 10.247.184.70
[...]
I suspect my problem is due in part to embedding my expect script inside a bash script. I've tried using $USER and "$USER" as well, with the same results. Using corp\\\\user (yes, four backslashes!) does work but is inconvenient. I'm seriously considering using sed or something to multiply the backslashes, but would love to hear other ideas.
You might have better luck passing the variables through the environment so expect can access them directly, instead of relying on the shell to substitute the values into the heredoc:
#!/bin/bash
read -p "Enter user name: " USER
read -sp "Enter password: " PWD
export USER PWD IP
while read IP SWITCH
do
echo ${SWITCH}
# the heredoc is single quoted below
/usr/bin/expect <<'EOD'
# Change to 1 to Log to STDOUT
log_user 1
# Change to 1 to enable verbose debugging
exp_internal 1
# Set timeout for the script
set timeout 20
match_max [expr {32 * 1024}]
spawn ssh -l $env(USER) -oCheckHostIP=no -oStrictHostKeyChecking=no -q $env(IP)
expect "Password:"
send -- "$env(PWD)\r"
expect "#"
send "show fcip summary | grep TRNK\r"
expect eof
EOD
echo
done <$HOME/etc/switches.txt
Notes:
the heredoc is single-quoted: the shell will not try to interpolate variables
exported the shell variables used in the expect code
use \r to "press enter" for the send command.
tidied up the input of the username and password
tidied up reading the text file
Okay, so I am new to bash scripting, about 2 whole hours and I'm banging my head against a wall. I need to carry some variables from one script to another and can't seem to get it to work.
This works fine
script1.sh
echo "Enter your name"
read name
export name
./script2.sh
sript2.sh
echo $name
This does not
script1.sh
echo "Enter your name"
read name
export name
ssh $user#$domain "bash -s" < ./script2.sh
sript2.sh
echo $name
The code is dumb, I get that but basically what I want to do is pass database variables to script 2 to use on the server I've SSH'd into. I would do this all in one script but it seems the only way that I can get the server commands to run is to call a second script after the login, otherwise it runs the server commands locally and fails. I'm doing this from a Mac if that makes any difference at all.
Help?
** Update with more legitimate code ****
login.sh
#!/bin/bash
echo "Enter server username:"
read user
echo "Enter server domain"
read domain
echo "Enter your password"
read password
echo "Enter database name"
read database
export database
export user
export domain
export password
ssh $user#$domain "bash -s" < ./create_files.sh
create_files.sh
#!/bin/bash
cd public_html
tar -zcvf test.tar.gz test.html
echo "db:"$database
mysqldump -u $user -p"$password" $database > $database.sql
The goal here is to use the details from login.sh in create_files.sh after this is done I also need to use the login details to scp the created files back to my local machine. Hope this clarifies the problem.
When invoking ssh, it creates a new shell process which is not inheriting the new variables that you exported in the first script. Instead, try adding them as commandline parameters to the second script, like so:
#!/bin/bash
echo "Enter server username:"
read user
echo "Enter server domain"
read domain
echo "Enter your password"
read password
echo "Enter database name"
read database
ssh $user#$domain "bash -s" < ./create_files.sh "$user" "$password" "$database"
Then modify your second script to look like this:
#!/bin/bash
cd public_html
tar -zcvf test.tar.gz test.html
echo "db:$3"
mysqldump -u "$1" -p"$2" "$3" > "$3".sql
I wrote a script that I thought would send input to the terminal when the program request input. I use echo for this.
password=open1234
for I in "a" "b" "c" "d" "e" "f" "g"
do
passwd ${I}
echo ${password}
done
This is basically the form of the program. As you can see, i'm trying to change the passwords of multiple users using a script. The problem is that the input from echo never gets sent to the passwd program.
As written here, you must add --stdin option to passwd.
echo "${password}" | passwd "${I}" --stdin
simply use(It would change all users to the same password):
#!/bin/bash
script='
passwd $user <<PASS
open1234
open1234
PASS
'
for user in $(cat user.txt)
do
$script
done
I am trying to automate password-less ssh setup from master account to other slave accounts.I have a script named AddSSH.ksh which does this setup.When this script is run manually,it asks for same password same times,it basically copied keys using scp. All the slave accounts are saved in a file env.txt.So Now, I have a shell script(run.ksh) which reads the accounts from this file(env.txt) one by one and then uses expect script auto_ssh.ksh to handle the interaction and it enters the password accordingly.
env.txt
account1#machine1
account2#machine2
account3#machine3
account4#machine4
run.ksh:
#!/usr/bin/ksh
while read env
do
username=`echo $env | cut -d"#" -f1`;
hostname=`echo $env | cut -d"#" -f2`;
password='Unix_11'
ssh -n -o PasswordAuthentication=no ${env} ' ' 2>/dev/null
if [ $? -eq 0 ]; then
printf "\nConnection OK for : $env \n"
else
expect auto_ssh.ksh $username $hostname $password
fi
done<env.txt
auto_ssh.ksh:
#!expect
set timeout 6
set user [lindex $argv 0]
set machine [lindex $argv 1]
set password [lindex $argv 2]
spawn AddSSH.ksh $user $machine
expect "password:"
send "$password\r";
expect "password:"
send "$password\r";
interact
If a run the script auto_ssh.ksh like
./auto_ssh.ksh account1 machine1 password
It runs fine but when I call it inside shell script,this expect script exits at the second password.when I ran the shell script in debug mode, I see that instead of sending the password the second time it moves to reading the next env from env.txt and exits.
This is the line of the output in debug mode where it fails.
account1#machine1's password: + read env
Add exp_internal 1 to the expect script for additional debugging. I suspect you might need to refine what you expect: expect -re {password:\s*$}
If you don't need to actually interact with addSSH.ksh, change interact to expect eof
Why does your expect script have a ".ksh" extension?