0

For the context, i have an infrastructure of multiple machines using ssh. We connect via ssh as root on the machines without password thank's to the authorized_keys file on each mchine. We are adding regularly new machines in our infrastructure.

The problematic is to create a script that :

  1. Pings all the machine (by parsing through a file containing all our machine names)
  2. If the ping is successfull, Test the ssh connection withtout password (with the command ssh -o BatchMode=yes $machine uname -a )
  3. If the ssh doesn't work AND it is because of this message : Are you sure you want to continue connecting (yes/no)? (because it's the first ssh connection to this machine for example), then with an expect script, send "yes"
  4. If the ssh doesn't work AND it is because a password is asked, then with an expect script, send "CTRL + C"

My problem is that the two conditions 3. and 4. can both happen to one machine and i can't figure out how to use the continue statement in my script.

This specific case would be for a machine that asks for a "yes" but after that asks for password too.

Here is what the script looks like :

for machine in `cat ${liste} | grep -v \#`
do

ping -c1 ${machine} 2>&1 >/dev/null

if [ $? -eq 0 ]
then
    echo ${machine} >> ${pingok}    
    ssh -o BatchMode=yes ${machine} uname -a &> $verifssh 2>&1    
    echo $? > ${exitcode}
    
    if grep -q "255" "$exitcode"
    then        
        cut -c 15-74 $verifssh > $verifssh2
                
        if grep "ication failed." "$verifssh2"        
        then                
            expect ${scriptexpectknownhosts} ${machine} 2>&1 >/dev/null
            
            continue 3 
                        
        elif grep "Permission denied (publickey,password,keyboard-interactive)." "$verifssh2"        
        then        
            expect ${scriptexpectknownhosts} ${machine} 2>&1 >/dev/null            
            echo "${machine}   ->  The machine asks for a password" >> "${sshnok}"           
        fi
                
    elif grep -q "0" "$exitcode"   
    then   
        echo "${machine} works with ssh"
        echo "${machine}" >> ${sshok}               
    fi
    
else
    echo "${machine}" >> "${pingnok}"     
fi

done

Here is the expect script (it handles both situation) :

set machine [lindex $argv 0]

spawn ssh $machine

expect {
    "Are you sure you want to continue connecting (yes/no)? "  {send "yes\r";exp_continue}
    -exact "Password: " {close}
    -re $prompt {send "exit\r";close}
}

So in a nutshell, my problem is, for the machine that ask for a "yes" answer and then need a password i want to register them in the ${sshnok} file but the continue doesn't work. I tried continue / continue 2 / continue 3 and it still doesn't want to go back in the previous loop.

Archemar
  • 1,369
  • 11
  • 19
AmelieAudet
  • 13
  • 4
  • Not sure what you expect (no pun intended), `continue` will exit a loop (in this case, it can only exit the global `for machine in ... `) – Archemar Mar 30 '22 at 13:01
  • Thank you for your answer,i misunderstood how to use continue then, is there any way that i could tell the script to re-do the loop from the first or second if ? – AmelieAudet Mar 30 '22 at 13:31
  • Did [the answer you got on stackoverflow yesterday](https://stackoverflow.com/q/71658273/7552) not answer this question? – glenn jackman Mar 30 '22 at 13:43
  • drop `continue` and replace following `elif` by `fi if` ? – Archemar Mar 30 '22 at 13:54

1 Answers1

0

As suggested in a comment, i did drop the continue and instead of multiple elif i just did some more if statements :

for machine in cat ${liste} | grep -v \#

do

echo "."

ping -c1 ${machine} 2>&1 >/dev/null


if [ $? -eq 0 ]

then

    
    echo ${machine} >> ${pingok}
    
    ssh -o BatchMode=yes ${machine} uname -a &> $verifssh 2>&1 
    
    echo $? > ${exitcode}
    
    
    if grep -q "255" "$exitcode"
    
    then
    
    
        cut -c 15-74 $verifssh > $verifssh2
        
        
        if grep "ication failed." "$verifssh2"
        
        then 
        
        
            expect ${scriptexpectknownhosts} ${machine} 2>&1 >/dev/null
            

        fi
        
        
        ssh -o BatchMode=yes ${machine} uname -a &> $verifssh 2>&1
        
        cut -c 15-74 $verifssh > $verifssh2
        
        
        if grep "Permission denied (publickey,password,keyboard-interactive)." "$verifssh2"
        
        then
        
        
            expect ${scriptexpectknownhosts} ${machine} 2>&1 >/dev/null
            
            echo "${machine}   ->  Probleme de cle ssh (demande un mdp)" >> "${sshnok}"
            
            
        fi
        
        
        ssh -o BatchMode=yes ${machine} uname -a &> $verifssh 2>&1
        
        echo $? > ${exitcode}
        
        
        if grep -q "0" "$exitcode"
        
        then
        
        
            echo "${machine}" >> ${sshok}
            
            
        fi
        
        
    elif grep -q "0" "$exitcode"
    
    then
    
    
        echo "${machine}" >> ${sshok}
        
        
    elif grep -q "1" "$exitcode"
    then
    
    
        echo "wtf 1"
        
        
    fi
    
    
else


    echo "${machine}" >> "${pingnok}"
    
    
fi


done

Thank you very much for all the answers !

AmelieAudet
  • 13
  • 4