linux下expect環境安裝以及簡單腳本測試

 

expect是交互性很強的腳本語言，能夠幫助運維人員實現批量管理成千上百臺服務器操做，是一款很實用的批量部署工具！
expect依賴於tcl，而linux系統裏通常不自帶安裝tcl，因此須要手動安裝

下載：expect-5.43.0.tar和tcl8.4.11-src.tar
下載地址：https://pan.baidu.com/s/1kVyeLt9
提取密碼：af9p

將expect和tcl的軟件包下載放到/usr/local/src目錄下

（1）解壓tcl，進入tcl解壓目錄，而後進入unix目錄進行編譯安裝
[root@xw4 src]# tar -zvxf tcl8.4.11-src.tar.gz
[root@xw4 src]# cd tcl8.4.11/unix
[root@xw4 unix]# ./configure
[root@xw4 unix]# make && make install

（2）安裝expect
[root@xw4 src]# tar -zvxf expect-5.43.0.tar.gz
[root@xw4 src]# cd expect-5.43.0
[root@xw4 expect-5.43.0]# ./configure --with-tclinclude=/usr/local/src/tcl8.4.11/generic --with-tclconfig=/usr/local/lib/
[root@xw4 expect-5.43.0]# make && make install

(3)安裝完成後進行測試
[root@xw4 ~]# expect
expect1.1>
expect1.1>

----------------------------------------------------------------------------------------------------

下面結合shell腳本作簡單測試：

例1：
從本機自動登陸到遠程機器192.168.1.200（端口是22，密碼是：PASSWORD）
登陸到遠程機器後作如下幾個操做：
1）useradd wangshibo
2）mkdir /opt/test
3) exit自動退出

[root@xw4 tmp]# cat test-ssh.sh

#!/bin/bash
passwd='PASSWORD'
/usr/local/bin/expect <<-EOF
set time 30
spawn ssh -p22 root@192.168.1.201
expect {
"*yes/no" { send "yes\r"; exp_continue }
"*password:" { send "$passwd\r" }
}
expect "*#"
send "useradd wangshibo\r"
expect "*#"
send "mkdir /opt/test\r"
expect "*#"
send "exit\r"
interact
expect eof
EOF

[root@xw4 tmp]# sh test.sh
spawn ssh -p22 root@192.168.1.201
root@192.168.1.201's password:
Last login: Fri Sep 23 16:21:20 2016 from 192.168.1.23
[root@vm-002 ~]# useradd wangshibo
[root@vm-002 ~]# mkdir /opt/test

上面的例子若是隻是自動登錄，登錄機器後不作操做的腳本內容以下：

shell腳本的寫法：
[root@xw4 tmp]# cat test.sh
#!/bin/bash
passwd='PASSWORD'
/usr/local/bin/expect <<-EOF
set time 30
spawn ssh -p22 root@192.168.1.201
expect {
"*yes/no" { send "yes\r"; exp_continue }
"*password:" { send "$passwd\r" }
}
expect eof
EOF
  
[root@xw4 tmp]# sh test.sh
  
expect腳本的寫法：
[root@xw4 tmp]# cat test
#!/bin/expect
set timeout 30
spawn ssh -p22 root@192.168.1.201
expect "*password:"
send "PASSWORD\r"
interact
  
[root@xw4 tmp]#./test

------------------------------------------------------
注意：spawn後面跟的是操做動做，好比登錄機器後執行uptime，即：
spawn ssh -p22 root@192.168.1.201 "uptime"

*******************************************************************************************************

例2：

咱們在部署無密碼訪問時,手工創建ssh互信須要好幾個步驟，而且中途人工交互（輸入密碼等），若是機器數目多，則很繁瑣！

下面方法用於自動化生成authorized_keys,免去了手工數據.

方法: 利用expect編寫sshkey.exp在遠程主機上生成id_rsa,並重定向到本地.在利用noscp.exp.把文件複製到遠程主機
爲了節省本身的時間，能夠寫個expect自動化腳本，分享以下：

（1）
如上expect安裝後的路徑是：
[root@xw4 ~]# which expect
/usr/local/bin/expect

（2）
作個expect執行文件的軟件
[root@xw4 ~]# ln -s /usr/local/bin/expect /usr/bin/expect
[root@xw4 ~]# ll /usr/bin/expect

（3）
編寫expect腳本：
-----------------------------------------------------------------------------------
1）
[root@xw4 ~]# cat sshkey.exp

#!/usr/bin/expect

#sshkey.exp

if {$argc<3} {
puts stderr "Usage: $argv0 host user passwd "
exit 1
}

set host [ lindex $argv 0 ]
set user [ lindex $argv 1 ]
set pwd [ lindex $argv 2 ]

set timeout 30

#spawn ssh ${user}@${host} "rm -rf ~/.ssh/id_rsa*"
#
#expect {
# "*yes/no" { send "yes\r"; exp_continue }
# "*password:" { send "$pwd\r"; exp_continue }
#}

spawn ssh ${user}@${host} "ssh-keygen -t rsa"            #若是ssh端口是非22，好比22222，那麼這一行的ssh後面添加"-p22222"

expect {
"*yes/no" { send "yes\r"; exp_continue }
"*password:" { send "$pwd\r"; exp_continue }
"Enter file in which to save the key*" { send "\n\r"; exp_continue }
"Overwrite*" { send "y\n"; exp_continue } 
"Enter passphrase (empty for no passphrase):" { send "\n\r"; exp_continue }
"Enter same passphrase again:" { send "\n\r" }
}

spawn ssh ${user}@${host} "cat ~/.ssh/id_rsa.pub"     #若是ssh端口是非22，好比22222，那麼這一行的ssh後面添加"-p22222"

expect {
"*yes/no" { send "yes\r"; exp_continue }
"*password:" { send "$pwd\r" }
}

expect eof

----------------------------------------------------------------------------------------------------
2）
[root@xw4 ~]# cat noscp.exp

#!/usr/bin/expect

#noscp.exp

if {$argc<4} {
puts stderr "Usage: $argv0 localfile remotefile user passwd "
exit 1
}

set localfile [ lindex $argv 0 ]
set remotefile [ lindex $argv 1 ]
set user [ lindex $argv 2 ]
set pwd [ lindex $argv 3 ]

set timeout 30

spawn scp ${localfile} ${user}@${remotefile}     #若是ssh端口是非22，那麼這一行裏面的scp後面添加"-P 22222"

expect {
"*yes/no" { send "yes\r"; exp_continue }
"*password:" { send "$pwd\r" }
}

expect eof

------------------------------------------------------------------------

[root@xw4 ~]# chmod 755 sshkey.exp
[root@xw4 ~]# chmod 755 noscp.exp

（4）
腳本說明
./sshkey.exp 主機名 用戶名 密碼                                           #在遠程主機生成id_rsa
./noscp.exp 本地文件 遠程路徑 遠程用戶密碼                      #無密碼拷貝文件

（5）驗證：
[root@xw4 ~]# ./sshkey.exp 192.168.1.201 root PASSWORD |grep ssh-rsa >> ~/.ssh/authorized_keys
[root@xw4 ~]# ./noscp.exp ~/.ssh/authorized_keys 192.168.1.201:~/.ssh root PASSWORD
spawn scp /root/.ssh/authorized_keys root@192.168.1.201:~/.ssh
root@192.168.1.201's password:
authorized_keys

這樣，就能無密碼登錄了!
[root@xw4 ~]# ssh 192.168.1.201
Last login: Fri Sep 23 18:33:21 2016 from 192.168.1.7
[root@vm-002 ~]#

--------------------------------------------------------------------------
若是是多臺機器的話，能夠結合shell腳本進行批量執行

[root@xw4 ~]# cat /root/ip.list
192.168.1.100
192.168.1.101
192.168.1.102
192.168.1.103
192.168.1.104
......
......

[root@xw4 ~]# cat sshkey.sh

#!/bin/bash
for ip in `cat /root/ip.list`
do
/root/sshkey.exp $ip root PASSWORD |grep ssh-rsa >> ~/.ssh/authorized_keys
/root/noscp.exp ~/.ssh/authorized_keys $ip:~/.ssh root PASSWORD 
done

[root@xw4 ~]# sh -x sshkey.sh

------------------------------------------------------------------
以前用過的一個簡單的expect跳轉腳本

localhost:huan kevin$ cat jump 
#!/usr/bin/expect

set timeout 30
spawn /usr/bin/ssh -p 2200  -l wangshibo 111.133.132.144
expect "password:"
send "shai3raesh2Uici\r"
interact

localhost:huan kevin$ ./jump 
spawn /usr/bin/ssh -p 2200 -l wangshibo 111.133.132.144
wangshibo@111.133.132.144's password: 
Last login: Fri Oct 13 16:43:13 2017 from 210.12.101.146

Welcome to aliyun Elastic Compute Service!

[wangshibo@sh-sre-man01 ~]$