Operating System - HP-UX
1748202 Members
2959 Online
108759 Solutions
New Discussion юеВ

Re: login with username and password in script using `expect and send` binaries

 
jenith christopher
Occasional Advisor

login with username and password in script using `expect and send` binaries

Hi,

I have some 50 unix servers in my DC. I want to execute a script to get the status of the user id's going to expire.
succeed in script also...But it is asking username and password while login to other machines.

I have given the script here for your reference(100% ok with script and tested also in single server)

I heard that `expect and send` wil do these type of things... But i dont know the syntax and where i have to download these binaries....


It could be fine if it is like this....

1)user1@xxx.xx
password:
su - root
Password:
2)run the script
3)ftp the output file
4)logout


Note:
1)Trusting of ssh is disabled, no chance to enable it.
2)Direct root login is also disabled.


PLEASE HELP ME!!!


SCRIPT:

for USER in $(listusers | awk '{ print $1 }')

do

EXPDATE=$(logins -x -l $USER | tail -1 | awk '{print $4}')

if [ $EXPDATE -lt 3 ]

then

export HN=`hostname`

export IP=`cat /etc/hosts | grep $HOSTNAME | cut -f 1`

print "HOSTNAME:$HN\nIP\t:"$IP"\n$USER Password expires in $EXPDATE dates" > test.doc

#mailx -s "hi" $USER < test.doc

ftp -v -n 172.xxx.xxx.xx << !EOF

user username passwd

bi

mput test.doc

yes

bye

!EOF

fi

done
5 REPLIES 5
Steven E. Protter
Exalted Contributor

Re: login with username and password in script using `expect and send` binaries

Shalom,

I'd approach it a little differently.

I'd have a single master server and place its public ssh key on all other systems as authorized_keys file

Then I'd write a script that did this.

while read -r system
do
ssh $system "passwd -a"
# run any report you want place a custom report script on all systems.
done > list


list contains list of systems

For more on password free access with ssh public keys:

http://www.hpux.ws/?p=10

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
jenith christopher
Occasional Advisor

Re: login with username and password in script using `expect and send` binaries

Hi,

I have already stated that " ssh trusting is not possible in our environment... it is disabled for security resons..."

I need to supply the password by someother way...

Do you know about expect and send binaries..?

Anyway thanks for the link..

Regards,
Jenith Christopher
Steven Schweda
Honored Contributor

Re: login with username and password in script using `expect and send` binaries

> I have already stated that " ssh trusting
> is not possible in our environment... it
> is disabled for security resons..."

So, if I understand this correctly, SSH is
_not_ secure enough, but storing the "root"
password in a file _is_ secure enough?

AIIEEE!!!!

> Do you know about expect and send binaries..?

You tried a Google search for, say,
hp-ux expect
and found nothing useful? Really?
jenith christopher
Occasional Advisor

Re: login with username and password in script using `expect and send` binaries

Thanks for your help Steven and SEP.

Understood Steve.. Plese reply me if anyother way is there except ssh-trusting.


Regards,
Jenith Christopher
OldSchool
Honored Contributor

Re: login with username and password in script using `expect and send` binaries

"expect" will require you to store the password in the script...bad news for audits.

if rlogin / remsh / rexec are currently allowed, then setting up rhosts on the "other" servers will allow account on one server to get in w/o passwd to the other servers....again all of the above are insecure and "bad" from a audit perspective.

ssh w/ keys is far more secure and should be acceptable to auditors