I used to manage ~150 Linux desktop and would have to do one off scripts to make updates. Fortunately I found Puppet and now I never have to do things like this any more but here's the Bash/Expect combo that I used to use: chris$ ./mass_copy.sh: #!/bin/sh export ROOTPW='secret1' export ADMINPW='secret2' HIVES="machine1 machine2 machine3" for machine in $HIVES; do /path/to/script/get_root.exp $machine done chris$ cat get_root.exp #!/usr/bin/expect -f set timeout 40 spawn ssh [lrange $argv 0 0] expect "admin@$argv's password:" send "$env(ADMINPW)\n" expect "\\$" send "exec su -\n" expect "Password: " send "$env(ROOTPW)\n" expect "#" send "/mnt/it_updates/update_something.sh\n" interact expect "\\#" send "exit\n" This was handed down to me by the sysadmin who was here before me and it worked great except sometimes it would not log out of each machine and I would have to babysit it and press CTRL-D after each run. It can easily be expanded on to suit your needs, and maybe someone in the mailing list can refine it, but if this is your job and you think there is even the remotest possibility that you would have to do this again, seriously look into Puppet, Func, mCollective, really anything is easier then doing it this way. Chris On 3/4/10 12:48 AM, Chris Geldenhuis wrote: > Tim Nelson wrote: > >> >> Tim Nelson >> Systems/Network Support >> Rockbochs Inc. >> (218)727-4332 x105 >> >> ----- "Jeremy Rosengren"<jeremy.rosengren at gmail.com> wrote: >> >>> On Wed, Mar 3, 2010 at 3:36 PM, James Hogarth >>> >> <james.hogarth at gmail.com<mailto:james.hogarth at gmail.com>> wrote: >> >>> >> > On 3 March 2010 21:20, Tim Nelson<tnelson at rockbochs.com >> <mailto:tnelson at rockbochs.com>> wrote: >> > > Greetings All- >> > > >> > > I'm about to embark on some remote management testing and need >> a way to login to a remote system running CentOS 4.x/5.x via SSH, >> su to root (using a password), then execute a command. >> > > >> > > I currently login to the boxes using key based SSH like this: >> > > >> > > ssh -i ~/remote_key admin@$REMOTEIP >> > > >> > > Then, I SU to root. However, if I try to do this automatically >> like this: >> > > >> > > ssh -i ~/remote_key admin@$REMOTEIP 'su -l' >> > > >> > > I'm getting: >> > > >> > > "standard in must be a tty" >> > > >> > > So, how am I able to remote login using SSH, su to root, then >> execute a command as root? >> > > >> > > All comments and suggestions welcome. Thanks! >> > > >> > > --Tim >> > > _______________________________________________ >> > > CentOS mailing list >> > > CentOS at centos.org<mailto:CentOS at centos.org> >> > > http://lists.centos.org/mailman/listinfo/centos >> > > >> > >> > >> Best off configuring sudo for that user (with no password) and make >> > sure that user has !requiretty in the sudoers configuration. >> > >> > James >> > >> > _______________________________________________ >> > CentOS mailing list >> > CentOS at centos.org<mailto:CentOS at centos.org> >> > http://lists.centos.org/mailman/listinfo/centos >> >> >> >>> >> Does "ssh -t" help? >> >> YESS. It prevents the tty error from showing up and asks me for a >> password as expected. BUT, how do I then automate the entering of the >> password? >> >> John Kennedy mentioned using expect which I've used before but found >> it to be 'finnicky'. I may have to look at it again... >> >> Changing settings such as sudo configuration or ssh config may be >> daunting since I have a large number of systems(150+) that would need >> to be modified. :-/ >> >> --Tim >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos >> >> > I found that Python expect is far more logical and understandable for > complex tasks than the expect command. > > ChrisG > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20100304/cd9b52c4/attachment-0005.html>