检查 ssh-key 多个服务器

Question 1

像这样的东西：

#!/bin/bash
# I assume "logfile" is the log file. If you just want the last run 
# in the log fil, use date> logfile.
# It is always a good idea to get a time stamp in this kind of logs.
date >> logfile 

# The read takes the input from servers.txt, which is done at the
# bottom using `done < servers.txt`.
# Some people like to do `cat servers.txt | while read -r hostname ; do`
# but they get negative comments on stackexchange :-)
while read -r hostname ; do

    # Test if the host is up with a simple ping
    # Throw away all output.
    if ping -c1 "$hostname"  > /dev/null 2>/dev/null; then

        # We now test if a host is up with a simple command, echo.
        # with -o PasswordAuthentication=no, we make sure that password
        # authentication is not used. Output the result to the logfile.
        if ssh  -o PasswordAuthentication=no "$hostname" echo ' '; then
            echo "OK - $hostname" >>logfile
        else
            echo "AArrrghhh $hostname" >> logfile
        fi
    else
        # I assumed you want some idea of how many servers are skipped.
        echo "skipped $hostname" >> logfile
    fi
done < servers.txt

写得很快，可能需要一些调整。这些评论应该会给您一些关于要检查的内容的提示。

Answer

像这样的东西：

#!/bin/bash
# I assume "logfile" is the log file. If you just want the last run 
# in the log fil, use date> logfile.
# It is always a good idea to get a time stamp in this kind of logs.
date >> logfile 

# The read takes the input from servers.txt, which is done at the
# bottom using `done < servers.txt`.
# Some people like to do `cat servers.txt | while read -r hostname ; do`
# but they get negative comments on stackexchange :-)
while read -r hostname ; do

    # Test if the host is up with a simple ping
    # Throw away all output.
    if ping -c1 "$hostname"  > /dev/null 2>/dev/null; then

        # We now test if a host is up with a simple command, echo.
        # with -o PasswordAuthentication=no, we make sure that password
        # authentication is not used. Output the result to the logfile.
        if ssh  -o PasswordAuthentication=no "$hostname" echo ' '; then
            echo "OK - $hostname" >>logfile
        else
            echo "AArrrghhh $hostname" >> logfile
        fi
    else
        # I assumed you want some idea of how many servers are skipped.
        echo "skipped $hostname" >> logfile
    fi
done < servers.txt

写得很快，可能需要一些调整。这些评论应该会给您一些关于要检查的内容的提示。

Question 2

这是完美的:-)我对它做了一些修改;-)

将 private.ppk 转换为 private.pem：

$ apt install putty-tools
$ puttygen private.ppk -O private-openssh -o private.pem
$ eval `ssh-agent -s`
$ ssh-add priv_key.pem

并且脚本将完美运行

输出.log

root@Pi-3Plus:~# cat output.log
Sat 20 Jul 20:37:51 EEST 2019
SSH-Key Refused - 192.168.1.106
No route to 192.168.4.34
SSH-Key Accepted - 192.168.1.2
No route to 192.168.4.33
SSH-Key Refused - 192.168.1.101
SSH-Key Refused - 192.168.1.195
No route to 192.168.4.39
SSH-Key Accepted - 192.168.1.2

添加以下代码的修改。

#!/bin/bash
# I assume "logfile" is the log file. If you just want the last run
# in the log fill, use date> logfile.
# It is always a good idea to get a time stamp in this kind of logs.
date >> output.log

# The read takes the input from servers.txt, which is done at the
# bottom using `done < servers.txt`.
# Some people like to do `cat servers.txt | while read -r hostname ; do`
# but they get negative comments on stackexchange :-)
while read -r hostname ; do

    # Test if the host is up with a simple ping
    # Throw away all output.
    if ping -c1 "$hostname"  > /dev/null 2>/dev/null; then

        # We now test if a host is up with a simple command, echo.
        # with -o PasswordAuthentication=no, we make sure that password
        # authentication is not used. Output the result to the logfile.
        if ssh -l ADDUSERHERE -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -o PasswordAuthentication=no -n "$hostname" echo ''; then
        echo "SSH-Key Accepted - $hostname" >>output.log
    else
        echo "SSH-Key Refused - $hostname" >> output.log
    fi
else
    # I assumed you want some idea of how many servers are skipped.
    echo "No route to $hostname" >> output.log
    fi
done < servers.txt

Answer

这是完美的:-)我对它做了一些修改;-)

将 private.ppk 转换为 private.pem：

$ apt install putty-tools
$ puttygen private.ppk -O private-openssh -o private.pem
$ eval `ssh-agent -s`
$ ssh-add priv_key.pem

并且脚本将完美运行

输出.log

root@Pi-3Plus:~# cat output.log
Sat 20 Jul 20:37:51 EEST 2019
SSH-Key Refused - 192.168.1.106
No route to 192.168.4.34
SSH-Key Accepted - 192.168.1.2
No route to 192.168.4.33
SSH-Key Refused - 192.168.1.101
SSH-Key Refused - 192.168.1.195
No route to 192.168.4.39
SSH-Key Accepted - 192.168.1.2

添加以下代码的修改。

#!/bin/bash
# I assume "logfile" is the log file. If you just want the last run
# in the log fill, use date> logfile.
# It is always a good idea to get a time stamp in this kind of logs.
date >> output.log

# The read takes the input from servers.txt, which is done at the
# bottom using `done < servers.txt`.
# Some people like to do `cat servers.txt | while read -r hostname ; do`
# but they get negative comments on stackexchange :-)
while read -r hostname ; do

    # Test if the host is up with a simple ping
    # Throw away all output.
    if ping -c1 "$hostname"  > /dev/null 2>/dev/null; then

        # We now test if a host is up with a simple command, echo.
        # with -o PasswordAuthentication=no, we make sure that password
        # authentication is not used. Output the result to the logfile.
        if ssh -l ADDUSERHERE -o StrictHostKeyChecking=no -o IdentitiesOnly=yes -o PasswordAuthentication=no -n "$hostname" echo ''; then
        echo "SSH-Key Accepted - $hostname" >>output.log
    else
        echo "SSH-Key Refused - $hostname" >> output.log
    fi
else
    # I assumed you want some idea of how many servers are skipped.
    echo "No route to $hostname" >> output.log
    fi
done < servers.txt

检查 ssh-key 多个服务器

答案1

答案2

相关内容