- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Automated SSH key distribution
Operating System - HP-UX
1753975
Members
7237
Online
108811
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-12-2011 01:30 AM
тАО04-12-2011 01:30 AM
Hi,
Could you please advise with issue described below?
I've just generated an ssh key pair on HP-UX. Now I need to distribute my authorized_keys to over 200 systems, so I can connect them later without password.
What I'm trying to create is a script which will:
login to remote system
create .ssh directory
copy there authorized_keys
I'm searching for an automated login without requesting password for each system (it's always the same). I think expect would make my life easier, but don't know how to use it...
Could you please advise with issue described below?
I've just generated an ssh key pair on HP-UX. Now I need to distribute my authorized_keys to over 200 systems, so I can connect them later without password.
What I'm trying to create is a script which will:
login to remote system
create .ssh directory
copy there authorized_keys
I'm searching for an automated login without requesting password for each system (it's always the same). I think expect would make my life easier, but don't know how to use it...
Solved! Go to Solution.
- Tags:
- ssh
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-12-2011 02:16 AM
тАО04-12-2011 02:16 AM
Solution
If I recall correctly, one of the example scripts that comes with expect is called "autoexpect": you can start it, then login to a remote system once. The autoexpect script will monitor your inputs and outputs and will auto-generate a script to perform the same procedure again.
After generating a script with autoexpect, you usually have to tweak it manually to make it work with all hosts, instead of only the specific one you used as an example: for example, you may want to replace hostnames in the script with command-line arguments or other variables, and edit the prompts and other strings incoming from the remote host, so that they will be applicable to all hosts (for example, remove or replace with wildcards any expected strings that include version numbers).
Here are some links to documentation about Expect:
http://wiki.tcl.tk/Expect
http://expect.sourceforge.net/
Of course, the stupid lazy way is to make a simple script that issues all the necessary commands to all the hosts in sequence, and then use the Copy/Paste functionality of your workstation to repeatedly enter the password at each prompt as it appears.
Pressing Alt-V (the common Windows keyboard shortcut for Paste) or the middle mouse button (for the Paste function of the X11 Window System) repeatedly for 250..500 times is utterly boring and RSI-inducing (remember to flex your hands once in a while!), but doable if you only have to do it once.
If you can use one HP-UX (or any Unix-style system) to log on to all the others, here's one way to do your task:
- create the .ssh directory and the authorized_keys file on one HP-UX host, set the permissions properly, and make sure it works
- create a text file that contains the hostnames of your target systems, one per line
- use the "ssh-keyscan" command to gather a set of SSH host keys for all your hosts in advance, and store it to the known_hosts file, so you won't have to answer any "SSH hostkey is unknown" prompts.
- run "scp -rp .ssh username@second_host:" to recursively copy the entire .ssh directory to your home directory to one other host, to verify it works and the only thing you need to type is the password
- make a tiny script like this:
#!/bin/sh
while read TARGET
do
echo "Connecting to ${TARGET}"
scp -rp .ssh username@${TARGET}:
done
- pipe the list of hostnames to the script:
sh yourscript.sh < list_of_hostnames.txt
- use another terminal window (or Notepad etc.) to copy your password to the Copy/Paste buffer, then switch to the window that runs your script, and start hitting the Paste key.
- keep a notepad handy (either a physical one, or one in another window on your screen) so you can record the names of any hosts which seem to have problems, or need some further attention.
MK
After generating a script with autoexpect, you usually have to tweak it manually to make it work with all hosts, instead of only the specific one you used as an example: for example, you may want to replace hostnames in the script with command-line arguments or other variables, and edit the prompts and other strings incoming from the remote host, so that they will be applicable to all hosts (for example, remove or replace with wildcards any expected strings that include version numbers).
Here are some links to documentation about Expect:
http://wiki.tcl.tk/Expect
http://expect.sourceforge.net/
Of course, the stupid lazy way is to make a simple script that issues all the necessary commands to all the hosts in sequence, and then use the Copy/Paste functionality of your workstation to repeatedly enter the password at each prompt as it appears.
Pressing Alt-V (the common Windows keyboard shortcut for Paste) or the middle mouse button (for the Paste function of the X11 Window System) repeatedly for 250..500 times is utterly boring and RSI-inducing (remember to flex your hands once in a while!), but doable if you only have to do it once.
If you can use one HP-UX (or any Unix-style system) to log on to all the others, here's one way to do your task:
- create the .ssh directory and the authorized_keys file on one HP-UX host, set the permissions properly, and make sure it works
- create a text file that contains the hostnames of your target systems, one per line
- use the "ssh-keyscan" command to gather a set of SSH host keys for all your hosts in advance, and store it to the known_hosts file, so you won't have to answer any "SSH hostkey is unknown" prompts.
- run "scp -rp .ssh username@second_host:" to recursively copy the entire .ssh directory to your home directory to one other host, to verify it works and the only thing you need to type is the password
- make a tiny script like this:
#!/bin/sh
while read TARGET
do
echo "Connecting to ${TARGET}"
scp -rp .ssh username@${TARGET}:
done
- pipe the list of hostnames to the script:
sh yourscript.sh < list_of_hostnames.txt
- use another terminal window (or Notepad etc.) to copy your password to the Copy/Paste buffer, then switch to the window that runs your script, and start hitting the Paste key.
- keep a notepad handy (either a physical one, or one in another window on your screen) so you can record the names of any hosts which seem to have problems, or need some further attention.
MK
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-12-2011 05:39 AM
тАО04-12-2011 05:39 AM
Re: Automated SSH key distribution
Hi:
Look at 'csshsetup' which is a part of the Distributed Systems Administration Utilities (DSAU):
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=DSAUtilities
See the documentation here:
http://bizsupport.austin.hp.com/bc/docs/support/SupportManual/c01920477/c01920477.pdf
Regards!
...JRF...
Look at 'csshsetup' which is a part of the Distributed Systems Administration Utilities (DSAU):
http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=DSAUtilities
See the documentation here:
http://bizsupport.austin.hp.com/bc/docs/support/SupportManual/c01920477/c01920477.pdf
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-13-2011 01:34 AM
тАО04-13-2011 01:34 AM
Re: Automated SSH key distribution
Thanks a lot for feedback guys :)
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP