Networking

Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.

Applications

Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.

Data

Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.

Monitoring

Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Commands & Shells, Featured

Script to Verify Passwordless SSH Access

Submitted by on September 19, 2013 – 1:33 pm

If you have passwordless SSH configured on multiple servers, it’s a good idea to verify your access from time to time. This task may get rather tedious with a large number of remote systems. The simple script below will cycle through a list of servers and make sure you can access them without being prompted for a password. Any failures will be saved in the CSV file for later analysis.

#!/bin/bash
#                                      |
#                                  ___/"___
#                          __________/ o __________
#                            (I) (G) ___/ (O) (R)
#                                 2013-09-19
# ----------------------------------------------------------------------------
# Verify passwordless access to servers in the list (see $infile variable)
# The list must contain one server name per line
# ----------------------------------------------------------------------------
#
infile=""

spinner()
{
    local pid=$1
    local delay=0.25
    local spinstr='|/-'
    while [ "$(ps a | awk '{print $1}' | grep $pid)" ]; do
        local temp=${spinstr#?}
        printf " [%c]  " "$spinstr"
        local spinstr=$temp${spinstr%"$temp"}
        sleep $delay
        printf "bbbbbb"
    done
    printf "    bbbb"
}

configure() {
	timestamp=$(date +'%Y-%m-%d %H:%M:%S')
	if [ -z "${infile}" ]
	then
		infile="/tmp/unix_master_list.txt"
	fi

	if [ ! -r "${infile}" ]
	then
		echo "Server list ${infile} not found. Exiting..."
		exit 1
	fi

	outfile=${HOME}/server_list_checker.csv
	if [ -f "${outfile}" ]
	then
		/bin/rm -f "${outfile}"
		echo "Date,Hostname,Error" >> "${outfile}"
	fi

	ssh_command="/usr/bin/ssh -qt -o PubkeyAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no -o ConnectTimeout=10 -o NumberOfPasswordPrompts=0"
	server_total=$(wc -l "${infile}" | awk '{print $1}')
}

check_access() {
	i=1
	for host in `cat "${infile}" | egrep -v "-vip|-ilo"`
	do
			status_ping=1 ; status_ssh=1
			status_ping=$(/bin/ping -q -c 2 -i 1 -W 1 -w 2 ${host} > /dev/null 2>&1 ; echo $?)
			if [ ${status_ping} -eq 0 ]
			then
					status_ssh=$(${ssh_command} username@${host} "uptime" > /dev/null 2>&1 ; echo $?)
					if [ ${status_ssh} -ne 0 ]
					then
							echo "${timestamp},${host},ssh failure" | tee -a "${outfile}"
					fi
			else
					echo "${timestamp},${host},ping failure" | tee -a "${outfile}"
			fi
			clear
	cat << EOF
Failures so far:
----------------------------------------------

`cat "${outfile}"`
----------------------------------------------

Checking host ${i} of ${server_total}: ${host}
EOF
			(( i = i + 1 ))
	done
}

# RUNTIME
configure
check_access & spinner $!

 

Print Friendly, PDF & Email

Leave a Reply