OpenConnect autoconnect/reconnect script? - bash

I have this script:
#!bin/bash
NAME="user"
PIDFILE="openconnect.pid"
CERT="user.crt"
KEY="user.key"
PASS="pass"
HOST="https://example.com"
SCRIPT="/etc/vpnc/vpnc-script"
openconnect -b --script $SCRIPT --pid-file=$PIDFILE -c $CERT -k $KEY --key-password=$PASS --user=$NAME $HOST
It works, but sometimes if something goes wrong (restart of server, or some other issues), it disconnects from VPN. And I need to rerun script again. Is there some way I could modify it or add it in cron job or some other way?
Note. When I run this script I need to enter certificate password. So considering security, I'm wondering where I should keep that password for autoreconnect purposes?

You can detect if openconnect is still running by checking its PID:
pidof openconnect
This return an exit value of 0 if openconnect still runs otherwise non zero.
You would have a script that looks like that [not tested but should give you a hint]:
#!/bin/bash
OPENCONNECT_PID=""
function checkOpenconnect(){
ps -p "${OPENCONNECT_PID}"
# print the status so we can check in the main loop
echo $?
}
function startOpenConnect(){
# start here open connect with your params and grab its pid
openconnect [your params] & OPENCONNECT_PID=$!
}
startOpenConnect
while true
do
# sleep a bit of time
sleep 30
OPENCONNECT_STATUS=$(checkOpenconnect)
[ $OPENCONNECT_STATUS -ne 0 ] && startOpenConnect
done

Related

Check whether ssh is possible inside shell a script?

I need to print a count of a remote server which is written on '/REMOTE_DIR/DR_count'. But that remote server is not much reliable due to a network or OS failure. However I need to print the DR_count value from the local machine if that remote machine is not available. Here is my logic. Please correct me to how to check that if condition in correct way. I'm running this script on Solaris 11.3.
#!/bin/sh
if[check wether ssh user#host_name is possible]
then
op="cat /REMOTE_DIR/DR_count"
cmd="ssh user#host_name $op"
drlog=`$cmd`
else
drlog='cat /LOCAL_DIR/DR_count'
fi
echo $drlog
As I said in my comment, I would simply try to ssh, and if use its exit code to see whether it worked:
ssh -o ConnectTimeout=5 user#host_name cat /REMOTE_DIR/DR_count 2>/dev/null || cat /LOCAL_DIR/DR_count
you should check for exit code 255 to detect whether you have network error or not
#!/bin/bash
#EXIT STATUS
# ssh exits with the exit status of the remote command or with 255 if an error occurred.
cnt=`ssh -o ConnectTimeout=5 root#$host "cat /REMOTE_DIR/DR_count"`
exit_code=$?
if [ $exit_code -eq 255 ]; then
cnt=`cat /LOCAL_DIR/DR_count`
fi
it makes sense also to check for other (non 0 / 255) exit codes to check possible issues at remote side (like file missing on remote side)

expect: launching scp after sftp

I could really use some help. I'm still pretty new with expect. I need to launch a scp command directly after I run sftp.
I got the first portion of this script working, my main concern is the bottom portion. I really need to launch a command after this command completes. I'd rather be able to spawn another command than, hack something up like piping this with a sleep command and running it after 10 s or something weird.
Any suggestions are greatly appreciated!
spawn sftp user#host
expect "password: "
send "123\r"
expect "$ "
sleep 2
send "cd mydir\r"
expect "$ "
sleep 2
send "get somefile\r"
expect "$ "
sleep 2
send "bye\r"
expect "$ "
sleep 2
spawn scp somefile user2#host2:/home/user2/
sleep 2
So i figured out I can actually get this to launch the subprocess if I use "exec" instead of spawn.. in other words:
exec scp somefile user2#host2:/home/user2/
the only problem? It prompts me for a password! This shouldn't happen, I already have the ssh-keys installed on both systems. (In other words, if I run the scp command from the host I'm running this expect script on, it will run without prompting me for a password). The system I'm trying to scp to, must be recognizing this newly spawned process as a new host, because its not picking up my ssh-key. Any ideas?
BTW, I apologize I haven't actually posted a "working" script, I can't really do that without comprimising the security of this server. I hope that doesn't detract from anyones ability to assist me.
I think the problem lies with me not terminating the initially spawned process. I don't understand expect enough to do it properly. If I try "close" or "eof", it simply kills the entire script, which I don't want to do just yet (because I still need to scp the file to the second host).
Ensure that your SSH private key is loaded into an agent, and that the environment variables pointing to that agent are active in the session where you're calling scp.
[[ $SSH_AUTH_SOCK ]] || { # if no agent already running...
eval "$(ssh-agent -s)" # ...then start one...
ssh-add /path/to/your/ssh/key # ...load your key...
started_ssh_agent=1 # and flag that we started it ourselves
}
# ...put your script here...
[[ $started_ssh_agent ]] && { # if we started the agent ourselves...
eval "$(ssh-agent -s -k)" # ...then clean up nicely when done.
}
As an aside, I'd strongly suggest replacing the code given in the question with something like the following:
lftp -u user,123 -e 'get /mydir/somefile -o localfile' sftp://host </dev/null
lftp scp://user2#host2 -e 'put localfile -o /home/user2/somefile' </dev/null
Each connection handled in one line, and no silliness messing around with expect.

Bash Script Quits After Exiting SSH

I'm trying to write a Bash script that logs into 2 different linux based power-strips (Ubiquiti Mpower Pros) and turns 2 different lights off (one on each strip). To do this I login to the 1st strip, change the appropriate file to 0 (thus turning off the light), and exit, repeating the same process on the next power-strip. However, after I exit the first SSH connection, the script stops working. Could someone please suggest a fix? My only idea would be to encase this script in a python program. Here's my code:
#!/bin/bash
ssh User#192.168.0.100
echo "0" > /proc/power/relay1
exit
# hits the enter key
cat <(echo "") | <command>
ssh User#192.168.0.103
echo "logged in"
echo "0" > /proc/power/relay1
exit
cat <(echo "") | <command>
ssh as an app BLOCKS while it's running, the echo and exit are executed by the local shell, not by the remote machine. so you are doing:
ssh to remote machine
exit remote shell
echo locally
exit locally
and boom, your script is dead. If that echo/exit is supposed to be run on the remote system, then you should be doing:
ssh user#host command
^^^^^---executed on the remote machine
e.g.
ssh foo#bar 'echo ... ; exit'
The commands you're apparently trying to run through ssh are actually being executed locally. You can just pass the command you want to run to ssh and it will do it (without needing an explicit exit)
ssh User#192.168.0.110 'echo "0" > /proc/power/relay1'
will do that, and similar for the other ssh command

Fix ssh line for Xpra bash script

im writting a small script for starting an 'xpra' session with a remote machine. I'm pretty new to bash scripting, so I was wondering if someone could help me clean up the code a bit, concerning best practices.
The ssh line is the one i'm having problems with, as I must CTRL-C on the keyboard for the command to be killed and let it continue to echo "done".
How can I fix that minor issue?
### ###
# syntax: xpra.sh hostmachine command #
## ###
## Wake on LAN host machine.
~/scripts/$1
## Check if online and ssh command.
## Attach xpra client.
while :; do
ping -c 1 $1
if [ $? -eq 0 ]; then
ssh $1 "xpra start :7 && sleep 2 && ("DISPLAY=:7 $2"&) ";
echo "done";
sleep 5;
echo "attaching";
(xpra attach ssh:$1:7 &);
break;
else
echo "host offline";
sleep 180s;
fi
done
Newer versions support starting remote sessions in one command, try:
xpra start ssh://HOST:SSH_PORT/DISPLAY --start-child=xterm
this will
start a new remote session on display DISPLAY
start an xterm in it
then connect your client to this session
It's a lot cleaner than a script that relies on "sleep"...
Either you want the ssh line to finish before moving to the next line, in which case what you have is correct; or you want to move on to the next line while it is still running, in which case you can append a "&" character to the line:
ssh $1 "xpra start :7 && sleep 2 && ("DISPLAY=:7 $2"&) " &
(Main comment I would make about your style is that ending all your lines with ";"'s is unnecessary, and it would be clearer if you indented the parts of your if statement.)
as Adam Liss mentioned in the comments:
ssh -f $COMMAND
will open an ssh session, ask for your credentials, then go into the background as it launches the command on the remote host.

checking if a streaming server is up using bash?

I use Ubuntu and am trying to write a script that makes the following:
-test if an audio stream works
-if not, send an email.
I have tried the following code (running as a cron job every 10 minutes), which 'works' if I supply the wrong pw e.g.(it sends an email then), but does nothing if the actual server is down (tested by killing the server). any ideas on how to fix the script?
Thanks in advance!
#!/bin/bash
#servertest.sh
username=user1
password=xyz
url="http://wwww.streamingaudioserver.com -passwd $password -user $username"
mplayer $url &
sleep 5
test=$(pgrep -c mplayer)
if [ $test = 0 ]; then
#server is down!
mailfile="downmail.txt"
/usr/sbin/ssmtp test#maildomain.com < "/home/test/$mailfile"
fi
killall mplayer
sleep 5
exit
Your problem is in this line:
$mailfile="downmail.txt"
remove the dollar sign and that should do it.
You should be getting error messages in your cron log or emails to the crontab owner complaining about a command not found or no such file.
Edit:
Does your script work if run from the command line (with the stream down) rather than cron?
Try using set -x (or #!/bin/bash -x) in the script to turn on tracing or use echo "PID: $$, value of \$test: $test" > /tmp/script.out after the assignment to see if you're getting the zero you're expecting.
Also, try an ssmtp command outside the if to make sure it's working (but I think you already said it is under some circumstances).
Try your script without ever starting mplayer.

Resources