Article directory
1. Application scenarios
Expect is mainly used in scenarios of automated interactive operations. With the help of Expect to process interactive commands, interactive processes such as ssh login, ftp login, etc. can be written in a script to automate it. It is especially suitable for environments where the same operation needs to be performed on multiple servers, and can greatly improve the work efficiency of system administrators.
2. Grammatical description
Note: The premise that this script can be executed is that expect is installed
yum install -y expect
When using expect, there are several common commands:
Description:
spawn
Used to start a new process, the expect and send commands after spawn interact with the new process started using spawn.
spawn is the initial command of expect, which is used to start a process, and then all operations are performed in this process. If there is no spawn, this expect cannot be performed.
expect
It is used to wait for the feedback of a process. According to the feedback of the process, we use the send command to send the corresponding interactive command.
send
Receives a string argument and sends that argument to the process.
interact
In fact, not many are used. The interact command is mainly used to exit automation and enter manual interaction.
For example, we use the spawn, send and expect commands to complete the ftp login to the host and perform the task of downloading files, but we hope that after the file download is completed, we can still stay in the ftp command line state in order to manually execute subsequent commands. At this time, use the interact command You can complete this task very well.
3. Example
1. scp file transfer automation
When using the scp command, if it is the first communication, you need to manually press yes in an interactive way to enter the second step, and then manually enter the password to transfer the file.
#!/usr/bin/expect -d
set timeout 10
spawn -noecho ssh -o StrictHostKeyChecking=no -l test 192.168.2.151 -p 22
#spawn命令是expect的初始命令,他用于启动一个进程,之后所有操作都在这个进程中进行,
#如果没有spawn,这个expect都无法进行
#StrictHostKeyChecking=no参数让ssh默认添加新主机的公钥指纹,也就不会出现出现是否继续yes/no的提示了
expect "password:" {
send "123456\r"}
expect "Last login" {
send "echo test1\r"}
expect "*\$*" {
send "echo test2\r"}
expect eof
# EOF(End Of File),表示"文字流"(stream)的结尾。这里的"文字流",可以是文件(file),
# 也可以是标准输入(stdin),EOF是不可输出字符,因此不能在屏幕上显示。
# 由于字符的ASCII码不可能出现-1,因此EOF定义为-1是合适的。
#即当读入的字符值等于EOF时,表示读入的已不是正常的字符而是文件结束符。
2. ssh remote login
#!/bin/bash
passwd='123456'
/usr/bin/expect <<-EOF
# exp_continue 用于多次匹配
set time 30
spawn ssh saneri@192.168.56.103 df -Th
expect {
"*yes/no" {
send "yes\r"; exp_continue }
"*password:" {
send "$passwd\r" }
}
expect eof
EOF
3. Switch to root user
#!/usr/bin/expect -f
set timeout 10
spawn sudo su - root
expect "*password*"
send "123456\r"
expect "#*"
send "ls\r"
expect "#*"
send "df -Th\r"
send "exit\r"
expect eof
4. Create ssh key
1.创建主机配置文件
[root@localhost script]# cat host
192.168.1.10 root 123456
192.168.1.20 root 123456
192.168.1.30 root 123456
2.编写copykey.sh脚本,自动生成密钥并分发key.
#!/bin/bash
# 判断id_rsa密钥文件是否存在
if [ ! -f ~/.ssh/id_rsa ];then
ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa
else
echo "id_rsa has created ..."
fi
#分发到各个节点,这里分发到host文件中的主机中.
while read line
do
user=`echo $line | cut -d " " -f 2`
ip=`echo $line | cut -d " " -f 1`
passwd=`echo $line | cut -d " " -f 3`
expect <<EOF
set timeout 10
spawn ssh-copy-id $user@$ip
expect {
"yes/no" {
send "yes\n";exp_continue }
"password" {
send "$passwd\n" }
}
expect "password" {
send "$passwd\n" }
EOF
done < hosts
5. ssh to a node to create a user
#!/bin/bash
ip=$1
user=$2
password=$3
expect <<EOF
set timeout 10
spawn ssh $user@$ip
expect {
"yes/no" {
send "yes\n";exp_continue }
"password" {
send "$password\n" }
}
expect "]#" {
send "useradd hehe\n" }
expect "]#" {
send "touch /tmp/test.txt\n" }
expect "]#" {
send "exit\n" } expect eof
EOF
#./ssh5.sh 192.168.1.10 root 123456
Reference:
https://www.cnblogs.com/saneri/p/10819348.html
https://blog.csdn.net/givenchy_yzl/article/details/118079170
https://sites.google.com/site/chinainventor/ language/2009-04-03-02