[CentOS] SSH Remote Execution - su?

Thu Mar 4 16:23:49 UTC 2010
Les Mikesell <lesmikesell at gmail.com>

On 3/4/2010 10:16 AM, Chris Murphy wrote:
> I used to manage ~150 Linux desktop and would have to do one off scripts
> to make updates.  Fortunately I found Puppet and now I never have to do
> things like this any more but here's the Bash/Expect combo that I used
> to use:
>
> chris$ ./mass_copy.sh:
>
> #!/bin/sh
> export ROOTPW='secret1'
> export ADMINPW='secret2'
>
> HIVES="machine1 machine2 machine3"
> for machine in $HIVES; do
>      /path/to/script/get_root.exp $machine
> done
>
> chris$ cat get_root.exp
> #!/usr/bin/expect -f
>
> set timeout 40
>
> spawn ssh [lrange $argv 0 0]
> expect "admin@$argv's password:"
> send "$env(ADMINPW)\n"
> expect "\\$"
> send "exec su -\n"
> expect "Password: "
> send "$env(ROOTPW)\n"
> expect "#"
> send "/mnt/it_updates/update_something.sh\n"
> interact
> expect "\\#"
> send "exit\n"
>
> This was handed down to me by the sysadmin who was here before me and it
> worked great except sometimes it would not log out of each machine and I
> would have to babysit it and press CTRL-D after each run.  It can easily
> be expanded on to suit your needs, and maybe someone in the mailing list
> can refine it, but if this is your job and you think there is even the
> remotest possibility that you would have to do this again, seriously
> look into Puppet, Func, mCollective, really anything is easier then
> doing it this way.

What's the problem with key-based ssh directly as root?

-- 
   Les Mikesell
    lesmikesell at gmail.com