linux 批量升级openssh8.0
updateopenssh.sh
explujing=/home/updateopenssh.exp
username=root
password=123456
iplist="
192.167.1.94
192.167.1.95
192.167.1.96
192.167.1.97
"
port=22
for ip in $omplist
do
$explujing $ip $username $password $port
done
#-------------------------------------
updateopenssh.exp
#!/usr/bin/expect -f
set date [exec date -d day +'%Y%m%d']
set date [exec date -d day +'%Y%m%d']
set desthost [lindex $argv 0]
set username [lindex $argv 1]
set password [lindex $argv 2]
set port [lindex $argv 3]
set username [lindex $argv 1]
set password [lindex $argv 2]
set port [lindex $argv 3]
spawn ssh -D $port $username@$desthost
expect "*assword:*"
send "$password\r"
expect {
"*(yes/no)?"
{
send "yes\n"
expect "*assword:" {send "$password\n"}
}
"*assword:"
{
send "$password\n"
}
}
expect "*#"
send "scp root@192.167.1.74:/root/openssh-8.0p1.tar.gz /root/ \r"
expect {
"*(yes/no)?"
{
send "yes\n"
expect "*assword:" {send "$password\n"}
}
"*assword:"
{
send "$password\n"
}
}
"*(yes/no)?"
{
send "yes\n"
expect "*assword:" {send "$password\n"}
}
"*assword:"
{
send "$password\n"
}
}
expect "*#"
send "scp root@192.167.1.74:/root/openssh-8.0p1.tar.gz /root/ \r"
expect {
"*(yes/no)?"
{
send "yes\n"
expect "*assword:" {send "$password\n"}
}
"*assword:"
{
send "$password\n"
}
}
expect "100%"
send "cd /etc/\r"
send "cd /etc/\r"
expect "*#"
send "rm -rf ssh_bak\r"
send "rm -rf ssh_bak\r"
expect "*#"
send "cd /etc/init.d/\r"
send "cd /etc/init.d/\r"
expect "*#"
send "rm -rf sshd_bak\r"
send "rm -rf sshd_bak\r"
expect "*#"
send "mv /etc/ssh /etc/ssh_bak\r"
expect "*#"
send "/etc/init.d/sshd /etc/init.d/sshd_bak\r"
send "/etc/init.d/sshd /etc/init.d/sshd_bak\r"
expect "*#"
send "cd /root/\r"
send "cd /root/\r"
expect "*#"
send "tar xfz openssh-8.0p1.tar.gz\r"
sleep 3;
expect "*#"
send "cd /root/openssh-8.0p1/\r"
send "tar xfz openssh-8.0p1.tar.gz\r"
sleep 3;
expect "*#"
send "cd /root/openssh-8.0p1/\r"
expect "*#"
send -- "./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords--with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/ssl --without-hardening\r"
sleep 80;
expect "*#"
send "make\r"
sleep 80;
expect "*#"
send "make install\r"
sleep 80
expect "*#"
send "yes | cp -a opensshd.init /etc/init.d/sshd\r"
sleep 2;
send -- "./configure --prefix=/usr --sysconfdir=/etc/ssh --with-md5-passwords--with-pam --with-tcp-wrappers --with-ssl-dir=/usr/local/ssl --without-hardening\r"
sleep 80;
expect "*#"
send "make\r"
sleep 80;
expect "*#"
send "make install\r"
sleep 80
expect "*#"
send "yes | cp -a opensshd.init /etc/init.d/sshd\r"
sleep 2;
expect "*#"
send "chmod +x /etc/init.d/sshd\r"
sleep 1;
send "chmod +x /etc/init.d/sshd\r"
sleep 1;
expect "*#"
send "cat /etc/ssh/sshd_config | grep Per\r"
sleep 1;
send "cat /etc/ssh/sshd_config | grep Per\r"
sleep 1;
expect "*#"
send "echo \'PermitRootLogin yes\' >> /etc/ssh/sshd_config\r"
sleep 1;
send "echo \'PermitRootLogin yes\' >> /etc/ssh/sshd_config\r"
sleep 1;
expect "*#"
send "chmod +x /etc/init.d/sshd\r"
sleep 2;
send "chmod +x /etc/init.d/sshd\r"
sleep 2;
expect "*#"
send "service sshd restart\r"
sleep 2;
send "service sshd restart\r"
sleep 2;
expect "*#"
send "service sshd restart\r"
sleep 2;
send "service sshd restart\r"
sleep 2;
interact
