Fairly new to the System Admin world, and this is my first post here, hoping to get some clarification.
I am using a BASH script to automate some Logfile Archiving (into .tars). The actual logfiles are accessed through an SSH, so I have used the following EXPECT sub-script within my main BASH script (which includes tons of other stuff) :
All of the variables are set earlier in the script and this is actually working exactly as it should . . . but only when the filesizes are small. Some of the servers have small logfiles and some have huge logfiles. The small ones finish long before the 30s SLEEP, but yet sometimes the 30s SLEEP is not long enough for the larger servers. This causes the "mv" command to run before it finishes, and then the whole process is shot. I could increase the SLEEP timer to an even larger number to make sure the "tar -cvf" command completes . . . . but I am already impatient enough. There has got to be a better way to do this.
Anyone please chime in with some ideas, I am willing to try anything (except keys, I cannot use keys)
Last edited by Franklin52; 02-07-2012 at 03:51 AM..
Reason: Please use code tags for code and data samples, thank you
ssh is designed to prevent you from using stored plaintext passwords, because they're very insecure; "interactive password authentication" means "password typed by a human being in realtime authentication" and nothing else will do. That's why you've had to use a third-party brute-forcing utility to make it work at all.
If you use ssh the proper way, with keys, you won't need to sledgehammer in an insecure plaintext password with a third-party brute-forcing utility like expect, and will be able to automate things far, far easier since it can take input exactly as given with no mess, and won't cough up its own skull when the remote script reacts in an even slightly unexpected way:
Code:
#!/bin/sh
ssh -i /path/to/keys username@server <<EOF
cd /folder1/logfiles
tar -cvf logs.$serverName.$CURRENTDATE.tar *.log
mv *.tar LOG_ARCHIVE
EOF
When using keys, it really is that simple, because you don't have to fight it.
google 'passwordless ssh' to find out how you're supposed to do it. There's hundreds of tutorials all over the internet.
Last edited by Corona688; 02-06-2012 at 05:43 PM..
Wow, thanks for the quick response Corona. Do you get payed for this stuff, every single page I have been in today you are usually the first to respond .
I understand what you are saying, but it is not my call. They don't want keys, and I am not authorized to set up keys.
The users have this process, that is a very repetitive sign-in / .tar / sign-out over and over and over again for each server. This is a one use script, it is not something that is running constantly with a unsecured stored password. They wanted something that automates it while only needing one Sign-In/Password. I have the earlier section set up just like thier regular Sign-In/Password prompt. The password has echo off and is stored in $PASS only for the current session (which is closed afterwards).
Thanks for the ideas, and believe me I wish I could talk them into keys, but it just isn't in the cards. Hopefully someone can shove me in the right direction, or point me towards something I haven't figured out yet.
If they have to type a password anyway, why not let ssh do the password work? You can do as I did above without the keys, and ssh will ask for a password once to do all the commands in the here-document...
For work with multiple servers, I have a key with a password on it, which I cache with ssh-agent. It asks me once for my key password, on login, and I can use it until I log out to access any servers that were given that key. It's still password protected, but with one password entry, not 9,000.
The ultimate argument is this: If they hate the idea of keys, they'd be absolutely livid to know you were using a third-party brute-force hacking utility to sledgehammer in passwords in an insecure manner instead.
Last edited by Corona688; 02-06-2012 at 06:05 PM..
No no. I do not have the password stored on the script. They enter thier sign-in/password in the beginning of the script. And it is pulled into a variable while the script is running. As far as I know the variable isn't saved within the text of the script, it is cleared once the script exits and the session closes (I could be incorrect, cause I haven't been doing this too long).
I just need an alternate way, I am not authorized to use keys.
EDIT: Oh you must have snipe edited, your post said something a minute ago.
Hah, no problem. I tried it without the expect, just basic command line and it gets to the point of asking username and PW, then when entered just sits there. The script doesn't continue on if I remember correctly. Thats why I had to dig down in the depths for expect/send.
Perhaps I am misunderstanding your post though. Please clarify a bit if possible
im very happy to back for this forum
I have servers with alias of double dns extentions:
sample:
servera.test.com
servera.test1.com
serverb.test.com
serverb.test1.com
I need to login to that severs and executing the set of commands
if test.com failed then try to login via... (0 Replies)
Dear all
Hi
I want use expect in bash so that we can not use these with each other
/bin/bash. With. /usr/bin/expect
How can use these with on script or how can call a script from other script
#!/bin/bash
clear
echo "================================== "
echo "Enter your Esxi IP"... (3 Replies)
I am trying to execute expect command inside by small bash script to login into servers using key authentication method. My script is as follows:
#!/bin/bash
HOST=$1
/usr/bin/expect -c "
spawn ssh -i /root/.ssh/id_rsa root@$HOST
expect -exact "Enter... (3 Replies)
Hi all,
I have a little problem with a expect in a bash Script.
The hull of my script:
#!/bin/sh
( expect -c '
set a \"eee\"; # the variable a
' )
echo $a; # using the variable out of the expect script
I would like to use the variable out of the expect script(in bash),... (3 Replies)
Having issues with an expect script. I've been scripting bash, python, etc... for a couple years now, but just started to try and use Expect. Trying to create a script that takes in some arguments, and then for now, just runs a pwd command(for testing, final will be command I pass).
Here is... (0 Replies)
#!/bin/bash
#
# RAP configuration script
#
# Usage: ./rap.sh
#
# Requires: expect, tcl
#
# Script expects to find a file called rap.csv located in the same directory as the script. If the file is placed
# in a different directory, modify the custom entries section to specify the absolute... (8 Replies)
Hi, I'm writing a shell script that calls a few commands that prompt the user for two simple yes/no questions. if the answers are consistent (the first is a yes, the second is a no), what would my expect script look like? Google is only giving me answers for scripts where I telnet or ssh. right now... (3 Replies)
This Expect script provides expect with a list of IP addresses to Cisco IPS sensors and commands to configure Cisco IPS sensors. The user, password, IP addresses, prompt regex, etc. have been anonymized. In general this script will log into the sensors and send commands successfully but there are... (1 Reply)
I wrote some expect script to telnet to some device to execute some commands.Firstly,I can't get full result some time,then I try to add some "sleep" command in it.Fortunately it works.
My idea about it is that it uses sleep command to wait the result to be displayed.Am I right or correct the... (4 Replies)
I am new to Shell Scripting and I need help to write the following script in a different format...
This is the current script:
#!/usr/bin/ksh
environment=rms
export environment
. $AW_HOME/RETEK/exec/RETEK_ENVAR
ls -ltr $MMPOS/RTLOG* | tr -s " " | cut -d " " -f9... (20 Replies)
02-06-2012
.