|
|
Using Shell Script to SSH
|
|
|
|
Forum Regular
Join Date: Nov 2000
Location: Boston Area,ma
Status:
Offline
|
|
Here is a situation:
need to set up a shell script that will SSH to 25 different machines one at a time and envoke a script i have on them. the romte script is already called by CRON once a night, however I want the option of running the script at my own convenience. Have sudoers file and SSH keys set up so that no passwords will be asked for.
Just curious about how a Shell Script would look to connect, run a few commands on the remote machine, disconnect and then move to the next machine etc etc.
Thanks
BostonMACOSX
|
|
|
|
|
|
|
|
|
Junior Member
Join Date: Jan 2003
Status:
Offline
|
|
ssh -T user@host <<EOF
ls -l
more commands here
EOF
What are your motives for wanting to do this?
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Nov 2000
Location: Boston Area,ma
Status:
Offline
|
|
Originally posted by Tritium:
ssh -T user@host <<EOF
ls -l
more commands here
EOF
What are your motives for wanting to do this?
25 machines which I need to run a script on. It is in cron normally, but of I want to run it off schedule. I want to be able to select each machine from my laptop and run a script remotely. They are just some maintenence scripts. Would I repeat the code in blocks for each machine I want this to effect?
|
|
|
|
|
|
|
|
|
Junior Member
Join Date: Jan 2003
Status:
Offline
|
|
hosts="user@host1 user2@host2 some@where"
for h in $hosts; do
ssh code here
done
bash, of course
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Nov 2000
Location: Boston Area,ma
Status:
Offline
|
|
Originally posted by Tritium:
hosts="user@host1 user2@host2 some@where"
for h in $hosts; do
ssh code here
done
bash, of course
And Done I assume will close the SSH connection? How does it differ from your EOF example?
Sorry for all the question...
Thanks
BostonMACOSX
|
|
|
|
|
|
|
|
|
Junior Member
Join Date: Jan 2003
Status:
Offline
|
|
done is the end of the for loop. You still need the ssh user@host <<EOF and then EOF code inside the for loop.
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Nov 2000
Location: Boston Area,ma
Status:
Offline
|
|
Originally posted by Tritium:
done is the end of the for loop. You still need the ssh user@host <<EOF and then EOF code inside the for loop.
thanks for all the help. One of the commands I run remotely spits back a lot and takes some time to complete. Is there a way just to move on to the next computer after sending the command withough having to wait for it to complete?
Thanks
BostonMACOSX
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Dec 2001
Location: Atlanta, GA, USA
Status:
Offline
|
|
Originally posted by BostonMACOSX:
thanks for all the help. One of the commands I run remotely spits back a lot and takes some time to complete. Is there a way just to move on to the next computer after sending the command withough having to wait for it to complete?
Thanks
BostonMACOSX
You can do your ssh command in the background by adding an "&" on the end of the command. So:
ssh -T user@host "mycommand &"
Of course, your standard output will still come back to the controlling shell unless you redirect it or use nohup.
|
Mac Pro 2x 2.66 GHz Dual core, Apple TV 160GB, two Windows XP PCs
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Sep 2000
Status:
Offline
|
|
But what if the servers need password? I tried putting the password after the username but no luck like this:
ssh -T User assword@host <<EOF
ls -l
more commands here
EOF
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Dec 2001
Location: Atlanta, GA, USA
Status:
Offline
|
|
Originally posted by thanatos:
But what if the servers need password? I tried putting the password after the username but no luck like this:
ssh -T Userassword@host <<EOF
ls -l
more commands here
EOF
As far as I know, there's no way to enter the password via the script. You really have two options. Both involve generating ssh-keys (via ssh-keygen, use DSA instead of RSA), then adding the public key to the authorized_keys file in ~/.ssh on the remote boxes.
In option 1, you use no passphrase. That way, your private key gets you in. If you have security on the originating box, this is fine. If not, see option 2:
In option 2, you use a passphrase. Then, you run ssh-agent, which will temporarily cache your passphrase for you. The cron jobs can then get the passphrase from the ssh-agent and use it to log into the remote boxes. This is more secure, but less convenient.
|
Mac Pro 2x 2.66 GHz Dual core, Apple TV 160GB, two Windows XP PCs
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Sep 2000
Status:
Offline
|
|
Originally posted by Arkham_c:
As far as I know, there's no way to enter the password via the script. You really have two options. Both involve generating ssh-keys (via ssh-keygen, use DSA instead of RSA), then adding the public key to the authorized_keys file in ~/.ssh on the remote boxes.
In option 1, you use no passphrase. That way, your private key gets you in. If you have security on the originating box, this is fine. If not, see option 2:
In option 2, you use a passphrase. Then, you run ssh-agent, which will temporarily cache your passphrase for you. The cron jobs can then get the passphrase from the ssh-agent and use it to log into the remote boxes. This is more secure, but less convenient.
Thanks I'll try that out...
|
|
|
|
|
|
|
|
|
Mac Elite
Join Date: Sep 2001
Location: Chico, CA and Carlsbad, CA.
Status:
Offline
|
|
Originally posted by Tritium:
ssh -T user@host <<EOF
ls -l
more commands here
EOF
Question, why the <<EOF AND the EOF at the end of the input? I understand the use of the double arrow brackets used as such: cat /etc/passwd >> append_me for appending output instead of just writing it (or overwriting) but I've never seen it used as an input operator like above...
Also, how does the "EOF" at the bottom of the input work? I thought you had to control-D to end input? Wouldn't the text "EOF" be different than the code sent by a control-D?
|
"In Nomine Patris, Et Fili, Et Spiritus Sancti"
|
|
|
|
|
|
|
|
Professional Poster
Join Date: Oct 1999
Location: :ИOITAↃO⅃
Status:
Offline
|
|
Bash "here documents":
A here document is a special-purpose code block. It uses a form of I/O redirection to feed a command list to an interactive program or command, such as ftp, telnet, or ex.
Code:
#!/bin/bash
interactive-program <<LimitString
command #1
command #2
...
LimitString
If you haven't discovered it yet, the Advanced Bash Scripting Guide is a wonderful resource.
One way you could learn about something like this is by typing:
man bash
then type
/<< and hit return
where the / means "search", then you enter the search string, followed by return.
The first hit hit is about "here documents", and you can then press n to cycle through subsequent occurrences of "<<" in the manpage.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|