Good day,

I am trying to write a script that completes an ssh challenge to a specific server and writes output to a log. We have shared ssh keys for the script user. My challenge is a simple hostname check;

ssh $host hostname

My problem arrises when there is an actual challenge, be it asking me for a password, or to update the known_host keys. This is going to be ran from cron and wont have anyone monitoring to answer these questions. When there is a challenge, I want to script to write it to a log and send someone an email. This is where my scripting knowledge comes to a complete halt.

I can not figure out how to take the output from the ssh challenge and use it in my script, for instance;

ssh $host hostname > $fileout2 2>&1
target=`cat $fileout2`
if [ "$host" = "$target" ] ; then
echo "... no challenge from $target" >> $fileout 2>&1
else
echo "... challenge from $host FAILED!!, please check SSH keys" >> $fileout 2>&1

When I am challenged lets say for a password, it never leaves the ssh call thus never gets to the if statement logic. This is where I need some assistance. How can I use the output or ignore the output all together ? If I can ignore it, and force the script to proceed, the if statement will fail and we will be notified. I know there are tools out there like "Expect" but these are production servers and adding tools like that are laborsom to get through all the politics.

Does anyone have a suggestion for me ? Ive searched the web for the past two days, done tons of reading and havent come up with a solution that works.

Thank you, I really appreciate any asistance anyone can give me.


Here is the script in its entirety.

#!/bin/ksh
# Script created to test the SSH functionality between host1, host2,
# host3 and dev_test1, and dev_test2. This functionality is in place for
# Oracle refreshes and needs SSH to function unchallenged. The script will
# be executed from the production servers.

# Hosts this server needs to be able to SSH unchallenged
hostlist="dev_test1 dev_test2"

# location of output log
fileout=/export/home/playing/ssh_checker.log
fileout2=/export/home/playing/target.log
thishost=`hostname`
date=`date`
email="someone@someplace.com"

echo "================================================" >> $fileout 2>&1
echo " SSH checker ran on $date from $thishost " >> $fileout 2>&1

for host in $hostlist
do
echo "================================================" >> $fileout 2>&1
echo "Checking $host for SSH challenge ..." >> $fileout 2>&1

ssh $host hostname > $fileout2 2>&1

target=`cat $fileout2`

if [ "$host" = "$target" ] ; then

echo "... no challenge from $target" >> $fileout 2>&1

else

echo "... challenge from $host FAILED!!, please check SSH keys" >> $fileout 2>&1

mailx -s "SSH challenge failed from $thishost to $host, please check SSH Keys" $email < /dev/null

fi

rm $fileout2

done

If you just want to ensure that it works, how about:
rm outputfile
ssh host "uname -a" > outputfile &
pid=$!
sleep 5
and now look at the output file. No output in outputfile to look at? Musta not worked. So "kill $pid" to be sure you don't leave a hanging process and send the error email.

I'll mess around with that idea and post results.

Thanks Perderabo

Thank you Perderabo !

Simply adding a silly 2 second timeout after the ssh call worked for me.