| David Shaw | ba2d2c2 | 2017-01-23 16:56:38 -0600 | [diff] [blame] | 1 | #!/usr/bin/expect -- |
| 2 | |
| 3 | # ssh using the parms provided by the caller. The benefit provided by this |
| 4 | # program is that it will enter the password for you (i.e. non-interactively). |
| 5 | |
| 6 | # Description of arguments: |
| 7 | # Arg0: The password. |
| 8 | # Arg1: The ssh parm string. This is the totality of ssh parms you wish to |
| 9 | # specify (e.g. userid, host, etc.). |
| 10 | |
| 11 | |
| David Shaw | ba2d2c2 | 2017-01-23 16:56:38 -0600 | [diff] [blame] | 12 | # Main |
| 13 | |
| 14 | # Get arguments. |
| 15 | set password [lindex $argv 0] |
| 16 | set ssh_parms [lreplace $argv 0 0] |
| 17 | |
| 18 | eval spawn ssh ${ssh_parms} |
| 19 | |
| 20 | set timeout 30 |
| 21 | |
| 22 | set max_attempts 3 |
| 23 | |
| 24 | set attempts 0 |
| 25 | while { 1 } { |
| 26 | incr attempts 1 |
| 27 | expect { |
| Michael Walsh | 823a7ff | 2017-10-20 10:36:07 -0500 | [diff] [blame] | 28 | -re "Offending RSA key in (.*?)\[\r\n\]" { |
| 29 | # We have been informed by ssh that we have a bad key. |
| Gunnar Mills | 28e403b | 2017-10-25 16:16:38 -0500 | [diff] [blame] | 30 | # Retrieve the file path and line number from the ssh output. |
| Michael Walsh | 823a7ff | 2017-10-20 10:36:07 -0500 | [diff] [blame] | 31 | set fields [split $expect_out(1,string) ":"] |
| 32 | set file_path [lindex $fields 0] |
| 33 | set line_num [lindex $fields 1] |
| 34 | # Use sed to delete the bad key. |
| 35 | set cmd_buf "sed -i ${line_num}d ${file_path}" |
| 36 | puts "Issuing: ${cmd_buf}" |
| 37 | eval exec bash -c {$cmd_buf} |
| 38 | # Kill the failed spawned ssh process. |
| 39 | exec kill -9 [exp_pid] |
| 40 | # Start a new process now that our stale key problem is fixed. |
| 41 | eval spawn ssh ${ssh_parms} |
| 42 | continue |
| 43 | } |
| David Shaw | ba2d2c2 | 2017-01-23 16:56:38 -0600 | [diff] [blame] | 44 | -re "assword:" { |
| 45 | send "$password\r" |
| 46 | break |
| 47 | } |
| 48 | -re "Are you sure you want to continue connecting" { |
| 49 | if { $attempts > $max_attempts } { |
| 50 | puts stderr "**ERROR** Exceeded $max_attempts attempts to ssh." |
| 51 | exit 1 |
| 52 | } |
| 53 | send "yes\r" |
| 54 | } |
| 55 | timeout { |
| 56 | puts stderr "**ERROR** Timed out waiting for password prompt." |
| 57 | exit 1 |
| 58 | } |
| 59 | eof { |
| 60 | puts stderr "**ERROR** End of data waiting for password prompt." |
| 61 | exit 1 |
| 62 | } |
| 63 | } |
| 64 | } |
| 65 | |
| 66 | set timeout 3 |
| 67 | expect { |
| 68 | "Permission denied, please try again." { |
| 69 | puts "" |
| 70 | puts "**ERROR** Incorrect userid or password provided to this program." |
| 71 | exit 1 |
| 72 | } |
| 73 | } |
| 74 | |
| 75 | set timeout -1 |
| 76 | |
| 77 | # We don't ever expect to see this string. This will keep this program |
| 78 | # running indefinitely. |
| Michael Walsh | aecfce0 | 2017-10-10 16:30:21 -0500 | [diff] [blame] | 79 | set never_string "When in the course of human events, it becomes :" |
| 80 | if { [ catch {expect { "${never_string}" {send "whatever\r"} }} result ] } { |
| 81 | set child_died {expect:[ ]spawn[ ]id[ ]exp4[ ]not[ ]open} |
| 82 | if { [regexp -expanded ${child_died} $result] } { |
| 83 | # The child died. This is not necessarily an error (for example, the |
| 84 | # user may have included a command string to run on the target). |
| 85 | exit 0 |
| 86 | } else { |
| 87 | puts $result |
| 88 | exit 1 |
| 89 | } |
| David Shaw | ba2d2c2 | 2017-01-23 16:56:38 -0600 | [diff] [blame] | 90 | } |
| 91 | |
| 92 | exit 0 |
| 93 | |
| David Shaw | ba2d2c2 | 2017-01-23 16:56:38 -0600 | [diff] [blame] | 94 | |