Restart services on multiple remote servers securely

Ror

11/28/22, 9:48 AM

I need to write a script so that my colleagues and myself can restart different services on multiple servers. We all connect to the servers with LDAP so i'd like my script to connect our LDAP users to the server and then use sudo to restart the services (I can write a script on each server to restart all the services needed). Right now the script simply run a command like

ssh -t user@host "sudo service XXX restart"

The problem is that for each server the script will ask for the user password twice (one for the ssh connection and two for the sudo command). My first guess was to prompt the user for login and password with read -s -p and then use the variable to automatically login with ssh. Apparently, Expect is the way to do this but I didn't find a way to prompt securely a password in an Expect script or prompt it in a bash script and pass the variable securely in the expect script.

I did look up solutions like pssh, cluster ssh which seems to be working but not with sudo. I understand that the best way to do this is with ssh keys but since multiple users need to use the script, i'd like to use the LDAP login/password.

1 + 1

security

scripting

ssh

bash

expect

glenn jackman

11/28/22, 11:44 AM

See [How can I make an expect script prompt for a password?](https://stackoverflow.com/questions/681928/how-can-i-make-an-expect-script-prompt-for-a-password)

Score:0

Server

Ror

12/9/22, 12:35 PM

As Glenn suggested in the comments, the right way to do this was to use stty :

# grab the password
stty -echo
send_user -- "Password for $user@$host: "
expect_user -re "(.*)\n"
send_user "\n"
stty echo
set pass $expect_out(1,string)

#... later
send -- "$pass\r"

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Restart services on multiple remote servers securely

TH: เริ่มบริการใหม่บนเซิร์ฟเวอร์ระยะไกลหลายเครื่องอย่างปลอดภัย

RO: Reporniți serviciile pe mai multe servere la distanță în siguranță

RU: Безопасный перезапуск служб на нескольких удаленных серверах

VI: Khởi động lại dịch vụ trên nhiều máy chủ từ xa một cách an toàn

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.