18 SSH and execution of scripts on remote servers - kumar159man/MyShellLearning GitHub Wiki
The SSH (Secure Shell) protocol uses encryption to secure the connection between a client and a server. All user authentication, commands, output, and file transfers are encrypted to protect against attacks on the network.
With ssh we can connect to a remote server using either a password or a passwordless (key-based) connection.
There is one prerequisite for using ssh: sshd must be running on the server. To allow ssh connections with a password, uncomment the line PasswordAuthentication yes and comment out PasswordAuthentication no in the /etc/ssh/sshd_config file.
myubuntu@myubuntu-VirtualBox:~$ ssh [email protected]
[email protected]'s password:
Last login: Thu Jul 30 03:58:25 2020 from 49.207.56.4
       __|  __|_  )
       _|  (     /   Amazon Linux 2 AMI
      ___|\___|___|
https://aws.amazon.com/amazon-linux-2/
21 package(s) needed for security, out of 42 available
Run "sudo yum update" to apply all updates.
[myubuntu@ip-172-31-34-155 ~]$ whoami
myubuntu
NOTE: The user must exist on the remote server.
For passwordless login, the local machine's public key must be copied to the remote server.
- Generate a key on the local machine
myubuntu@myubuntu-VirtualBox:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/myubuntu/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/myubuntu/.ssh/id_rsa
Your public key has been saved in /home/myubuntu/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:gNuSjInih0SnEJKLweq0jpo7TTsa3QhITM3bfgO++KQ myubuntu@myubuntu-VirtualBox
The key's randomart image is:
+---[RSA 3072]----+
|+oo |
|*o o . |
|+* .+ . |
|Ooo= * . |
|Bo+ B o S |
|+=oo + o |
|+=ooo.o . |
|o+=.o. |
|*+ E.. |
+----[SHA256]-----+
myubuntu@myubuntu-VirtualBox:~$
- Location of the generated key: a .ssh folder is created in the user's home folder
myubuntu@myubuntu-VirtualBox:~$ ls -a /home/myubuntu/.ssh/
. .. id_rsa id_rsa.pub known_hosts
myubuntu@myubuntu-VirtualBox:~$
id_rsa.pub is the public key which needs to be copied to the remote server
- Copy the public key to the remote server
myubuntu@myubuntu-VirtualBox:~$ ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
- Login to remote without a prompt for password
myubuntu@myubuntu-VirtualBox:~$ ssh [email protected]
Last login: Thu Jul 30 03:59:25 2020 from 49.207.56.4
       __|  __|_  )
       _|  (     /   Amazon Linux 2 AMI
      ___|\___|___|
https://aws.amazon.com/amazon-linux-2/
21 package(s) needed for security, out of 42 available
Run "sudo yum update" to apply all updates.
[myubuntu@ip-172-31-34-155 ~]$
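There are two ways to run a command on a remote server: log in with ssh manually and run it there, or pass the command to the ssh command itself. When you connect to a remote server for the first time, ssh asks whether to add the host's fingerprint to known_hosts. Let's disable that prompt with the -o StrictHostKeyChecking=no flag. With this setting ssh adds new host keys to known_hosts automatically, without asking you to confirm the fingerprint.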
- Execute command
myubuntu@myubuntu-VirtualBox:~$ ssh -o StrictHostKeyChecking=no [email protected] "whoami"
myubuntu
- Execute multiple commands
myubuntu@myubuntu-VirtualBox:~$ ssh -o StrictHostKeyChecking=no [email protected] "whoami;date;uptime"
myubuntu
Thu Jul 30 04:28:45 UTC 2020
04:28:45 up 41 min, 2 users, load average: 0.00, 0.00, 0.00
- Store the command output in a variable
myubuntu@myubuntu-VirtualBox:~$ var1=$(ssh -o StrictHostKeyChecking=no [email protected] "whoami;date;uptime")
myubuntu@myubuntu-VirtualBox:~$ echo $var1
myubuntu Thu Jul 30 04:31:06 UTC 2020 04:31:06 up 44 min, 2 users, load average: 0.04, 0.04, 0.01
myubuntu@myubuntu-VirtualBox:~$
- Write the command output to a file
myubuntu@myubuntu-VirtualBox:~$ ssh -o StrictHostKeyChecking=no [email protected] "whoami;date;uptime" > t1.txt
myubuntu@myubuntu-VirtualBox:~$ ls
Desktop Documents Downloads get-docker.sh Music Pictures Public t1.txt Templates Videos
myubuntu@myubuntu-VirtualBox:~$ cat t1.txt
myubuntu
Thu Jul 30 04:34:40 UTC 2020
04:34:40 up 47 min, 2 users, load average: 0.00, 0.01, 0.00
myubuntu@myubuntu-VirtualBox:~$
- The -t flag: to run interactive commands such as top, we need the -t flag, which allocates a terminal (TTY) for the remote command
myubuntu@myubuntu-VirtualBox:~$ ssh -o StrictHostKeyChecking=no [email protected] "top"
TERM environment variable not set.
myubuntu@myubuntu-VirtualBox:~$ ssh -t -o StrictHostKeyChecking=no [email protected] "top"
top - 04:38:10 up 51 min, 3 users, load average: 0.00, 0.00, 0.00
Tasks: 92 total, 1 running, 55 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.0 us, 0.3 sy, 0.0 ni, 99.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 1006948 total, 705584 free, 82288 used, 219076 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 780188 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 20 0 43548 5312 3988 S 0.0 0.5 0:01.50 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
4 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/0:0H
5 root 20 0 0 0 0 I 0.0 0.0 0:00.01 kworker/u30:0
6 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 mm_percpu_wq
7 root 20 0 0 0 0 S 0.0 0.0 0:00.10 ksoftirqd/0
8 root 20 0 0 0 0 I 0.0 0.0 0:00.14 rcu_sched
9 root 20 0 0 0 0 I 0.0 0.0 0:00.00 rcu_bh
10 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration/0
11 root rt 0 0 0 0 S 0.0 0.0 0:00.00 watchdog/0
12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuhp/0
14 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
15 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 netns
21 root 20 0 0 0 0 S 0.0 0.0 0:00.00 xenbus
22 root 20 0 0 0 0 S 0.0 0.0 0:00.01 xenwatch
172 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khungtaskd
173 root 20 0 0 0 0 S 0.0 0.0 0:00.00 oom_reaper
174 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 writeback
176 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kcompactd0
177 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
178 root 39 19 0 0 0 S 0.0 0.0 0:00.00 khugepaged
179 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 crypto
180 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kintegrityd
182 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kblockd
535 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 md
538 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 edac-poller
543 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 watchdogd
684 root 20 0 0 0 0 S 0.0 0.0 0:00.01 kauditd
690 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kswapd0
822 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kthrotld
872 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kstrp
900 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 ipv6_addrconf
1735 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 ata_sff
1752 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
1753 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 scsi_tmf_0
1757 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_1
1759 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 scsi_tmf_1
1762 root 20 0 0 0 0 I 0.0 0.0 0:00.02 kworker/u30:2
1853 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 xfsalloc
1854 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 xfs_mru_cache
1856 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 xfs-buf/xvda1
1857 root 0 -20 0 0 0 I 0.0 0.0 0:00.00
#!/usr/bin/bash
# This shell script executes multiple commands on multiple servers
for server in 18.218.183.234 3.135.183.52
do
    echo "Command is being executed on $server"
    # Each word in the list is one remote command, run in its own ssh session
    for cmds in whoami date "free -m"
    do
        ssh -o StrictHostKeyChecking=no "myubuntu@$server" "$cmds"
        echo "--------------------------------------------------"
    done
done
myubuntu@myubuntu-VirtualBox:~/Desktop/shellScripts$ ./mulCmdMulServer.sh
Command is being executed on 18.218.183.234
myubuntu
--------------------------------------------------
Thu Jul 30 06:09:44 UTC 2020
--------------------------------------------------
              total        used        free      shared  buff/cache   available
Mem:            983          57         765           0         159         791
Swap:             0           0           0
--------------------------------------------------
Command is being executed on 3.135.183.52
myubuntu
--------------------------------------------------
Thu Jul 30 06:09:56 UTC 2020
--------------------------------------------------
              total        used        free      shared  buff/cache   available
Mem:            983          65         565           0         351         780
Swap:             0           0           0
--------------------------------------------------
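#!/usr/bin/bash
# Run a different command as a different user on each server.
# Each line of inventory.txt has the form: <ip> <username> <command ...>
while read -r ip usrname cmds
do
    echo "Executing command on $ip"
    # -n stops ssh from reading stdin, which would otherwise consume
    # the remaining lines of inventory.txt
    ssh -n -o StrictHostKeyChecking=no "$usrname@$ip" "$cmds"
    echo "---------------------------------------------"
done < inventory.txt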
myubuntu@myubuntu-VirtualBox:~/Desktop/shellScripts$ cat inventory.txt
3.129.21.117 myuser date
18.220.89.137 myubuntu whoami
myubuntu@myubuntu-VirtualBox:~/Desktop/shellScripts$ ./diffCmd_user_server.sh
Executing command on 3.129.21.117
Thu Jul 30 07:34:57 UTC 2020
---------------------------------------------
Executing command on 18.220.89.137
myubuntu
---------------------------------------------
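The inventory loop above hands every field of inventory.txt straight to ssh, and the StrictHostKeyChecking=no flag used throughout this page accepts whatever host key the server presents. As an added example (not code from the original wiki), the POSIX shell functions below validate each inventory record and build the ssh command with host-key checking left on. The KNOWN_HOSTS path, the command allow-list and all function names are assumptions made for the example.

```sh
#!/bin/sh
# Added example, not part of the original wiki. KNOWN_HOSTS and the
# command allow-list are assumptions; adjust both for your environment.
KNOWN_HOSTS="${KNOWN_HOSTS:-$HOME/.ssh/known_hosts}"

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ip() (
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Succeed only for a plain login name; a leading '-' would be read by ssh
# as an option, so it is refused.
valid_user() {
    case $1 in ''|-*|*[!a-z0-9_-]*) return 1 ;; esac
    [ "${#1}" -le 32 ]
}

# Succeed only for commands on the (assumed) allow-list, matched exactly.
allowed_cmd() {
    case $1 in whoami|date|uptime|"free -m") return 0 ;; esac
    return 1
}

# Print the ssh command for one record, or return 1 if any field is invalid.
# Host-key checking stays on, BatchMode stops password prompts from hanging
# the loop, and -n keeps ssh from swallowing the rest of the inventory.
build_ssh_cmd() {
    valid_ip "$1" && valid_user "$2" && allowed_cmd "$3" || return 1
    printf 'ssh -n -o BatchMode=yes -o StrictHostKeyChecking=yes -o UserKnownHostsFile=%s %s@%s "%s"\n' \
        "$KNOWN_HOSTS" "$2" "$1" "$3"
}

# Read "ip user command" records on stdin; print one ssh command per valid
# record, report rejects on stderr, and return 1 if anything was rejected.
plan_inventory() {
    rc=0
    while read -r ip user cmd; do
        case $ip in ''|'#'*) continue ;; esac
        build_ssh_cmd "$ip" "$user" "$cmd" || { echo "REJECTED: $ip $user $cmd" >&2; rc=1; }
    done
    return "$rc"
}
```

Run it as `plan_inventory < inventory.txt` to review the commands before executing them. StrictHostKeyChecking=yes only connects to servers whose host key is already in the known_hosts file, so add each server's key there after checking its fingerprint.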