monitoring ssh

dan.simoes＠gmail.com

23 Aug 2007 23 Aug '07

6:12 p.m.

I know how to monitor the service availablity on port 22. I'm wondering if anyone has actually made a script that connects, logs in, writes a file (say with scp) and only then returns a green status. We got burned with an ssh keys problem so I have to deploy something like this.

Show replies by date

lebarber＠gmail.com

23 Aug 23 Aug

6:17 p.m.

New subject: [hobbit] monitoring ssh

I used Python and pexpect to write a script that changed the passwords on all my machines. A script to do what you are asking for should be quite straight forward using those tools.

Thanks, Larry Barber

On 8/23/07, Dan Simoes <dan.simoes at gmail.com> wrote:

...

I know how to monitor the service availablity on port 22. I'm wondering if anyone has actually made a script that connects, logs in, writes a file (say with scp) and only then returns a green status. We got burned with an ssh keys problem so I have to deploy something like this.

lebarber＠gmail.com

6:21 p.m.

New subject: [hobbit] monitoring ssh

Just to give you an idea, here's the script:

#!/usr/bin/python

import os import sys import pexpect import getopt

import ConfigFile

def changeUserPw(host, user, cur_pw, new_pw):

    log_file.write('Changing password of user ' + user + ' on host ' +

host + '\n') child=pexpect.spawn('slogin ' + user + '@' + host)

    child.expect('[Pp]assword:')
    child.send(cur_pw + '\n')
    child.expect('[#\$] ')
    child.send('passwd\n')
    child.expect('[Cc]urrent.*[pP]assword:')
    child.send(cur_pw + '\n')
    child.expect('[Nn]ew [Pp]assword:')
    child.send(new_pw + '\n')
    child.expect('[Nn]ew [Pp]assword:')
    child.send(new_pw + '\n')
    child.expect('[#\$] ')
    log_file.write('password change successful\n')
    child.send('exit\n');
    child.expect(pexpect.EOF)

def changeRootPw(host, user, cur_pw, cur_root_pw, new_root_pw):

    log_file.write('Changing password of user root on host ' + host +

'\n') child=pexpect.spawn('slogin ' + user + '@' + host)

    child.expect('[Pp]assword:')
    child.send(cur_pw + '\n')
    child.expect('[#\$] ')

    child.send('su -\n')
    child.expect('[Pp]assword:')
    child.send(cur_root_pw + '\n')
    child.expect('[#\$] ')

    child.send('passwd\n')
    child.expect('[Nn]ew [Pp]assword:')
    child.send(new_root_pw + '\n')
    child.expect('[Nn]ew [Pp]assword:')
    child.send(new_root_pw + '\n')
    child.expect('[#\$] ')

    log_file.write('password change successful\n')
    child.send('exit\n');           # exit from root shell
    child.expect('[#\$] ')
    child.send('exit\n');           # exit from user shell
    child.expect(pexpect.EOF)

opts, args = getopt.getopt(sys.argv[1:], "c:") cfg_file_name = None for o,a in opts: if o == '-c': cfg_file_name = a

if cfg_file_name == None: print 'PwChange.py -c <config file name>' sys.exit(0)

cfg_file=ConfigFile.ConfigFile(cfg_file_name, ':')

log_file_name = cfg_file.getVal('log_file') if log_file_name == None or log_file_name == '': log_file = sys.stderr else: log_file = open(log_file_name, 'w');

groups = cfg_file.getVal('groups'); for group in groups.split(): pw_file_name = cfg_file.getVal(group + '.pw_file') if pw_file_name == None: print "No " + group + ".pw_file parameter in config file, exiting" sys.exit(0) pw_file = open(pw_file_name, 'r');

    default_cur_pw = cfg_file.getVal(group + '.default_cur_pw');
    default_new_pw = cfg_file.getVal(group + '.default_new_pw');
    default_cur_root_pw = cfg_file.getVal(group +

'.default_cur_root_pw'); default_new_root_pw = cfg_file.getVal(group + '.default_new_root_pw');

    for ln in pw_file:
            if ln[0] == '#':
                    continue
            if ln.strip() == '' or ln.strip() == None:
                    continue
            fields = ln[0:-1].split(':')
            if len(fields) == 4:
                    if fields[2] == 'default':
                            if default_cur_pw != None:
                                    fields[2] = default_cur_pw
                            else:
                                    print "default specified in password

file, but no default_cur_pw specified in config file, bye!" sys.exit(0) if fields[3] == 'default': if fields[3] != None: fields[3] = default_new_pw else: print "default specified in password file, but no default_new_pw specified in config file, bye!" sys.exit(0) changeUserPw(fields[0], fields[1], fields[2], fields[3]) elif len(fields) == 5: if fields[2] == 'default': if default_cur_pw != None: fields[2] = default_cur_pw else: print "default specified in password file, but no default_cur_pw specified in config file, bye!" sys.exit(0) if fields[3] == 'default': if default_cur_root_pw != None: fields[3] = default_cur_root_pw else: print "default specified in password file, but no default_cur_root_pw specified in config file, bye!" sys.exit(0) if fields[4] == 'default': if default_new_root_pw != None: fields[4] = default_new_root_pw else: print "default specified in password file, but no default_new_root_pw specified in config file, bye!" sys.exit(0) changeRootPw(fields[0], fields[1], fields[2], fields[3], fields[4]) pw_file.close()

What you're trying to do should be considerably shorter.

Thanks, Larry Barber

On 8/23/07, Larry Barber <lebarber at gmail.com> wrote:

...

I used Python and pexpect to write a script that changed the passwords on all my machines. A script to do what you are asking for should be quite straight forward using those tools.

Thanks, Larry Barber

On 8/23/07, Dan Simoes <dan.simoes at gmail.com> wrote:

...
I know how to monitor the service availablity on port 22. I'm wondering if anyone has actually made a script that connects, logs in, writes a file (say with scp) and only then returns a green status. We got burned with an ssh keys problem so I have to deploy something like this.

s_aiello＠comcast.net

6:23 p.m.

New subject: [hobbit] monitoring ssh

I believe I wrote a script that wrapped around lftp and lftp handles sftp. lftp is nice since it handles a few protocols. The script never made it to stable status, since the project I was monitoring, fell through.

~ Steve

On Thursday 23 August 2007 14:12, Dan Simoes wrote:

...

I know how to monitor the service availablity on port 22. I'm wondering if anyone has actually made a script that connects, logs in, writes a file (say with scp) and only then returns a green status. We got burned with an ssh keys problem so I have to deploy something like this.

stef.coene＠docum.org

6:38 p.m.

New subject: [hobbit] monitoring ssh

On Thursday 23 August 2007, Dan Simoes wrote:

...

I know how to monitor the service availablity on port 22. I'm wondering if anyone has actually made a script that connects, logs in, writes a file (say with scp) and only then returns a green status. We got burned with an ssh keys problem so I have to deploy something like this. Take a look at expect. You can simulate all kind of interactive command line stuff. I use this to remote connect with ssh / telnet and to transfer files with scp.

Stef

6880

Age (days ago)

6880

Last active (days ago)

List overview

Download

4 comments

4 participants

participants (4)

dan.simoes＠gmail.com
lebarber＠gmail.com
s_aiello＠comcast.net
stef.coene＠docum.org

monitoring ssh

dan.simoes＠gmail.com

lebarber＠gmail.com

lebarber＠gmail.com

s_aiello＠comcast.net

stef.coene＠docum.org

tags

participants (4)