SSH链接管理脚本
平常维护linux机器比较多,很多时候都要临时通过SSH登上去,执行一些命令什么的,写了一个Bash Shell脚本管理这些链接,有需要的可以试试。
#!/bin/bash
#filename hh
scriptdir=`realpath $0`
workdir=`dirname $scriptdir`
confile=$workdir/hh.conf
key='ABCDE1234567890ABCDE1234567890AB' #随意32位16进制的数字
function showUsage() {
echo "ssh toolkit, auther: raveh@live.com"
echo "`basename $0 .sh` <host alias>: login host. "
echo "`basename $0 .sh` list: show all hosts."
echo "`basename $0 .sh` encode: encode string."
echo "`basename $0 .sh` decode: decode string."
}
function listHost() {
cat $confile | while read line; do
if [[ $line == \#* ]]; then
continue
fi
echo $line | awk -F ',' '{if(NF>5)printf("%8s -- %12s --> %-32s %-28s\n", $1, $7, $5"@"$3":"$4, "("$8")")}'
done
}
function loginHost() {
_conf=`awk -F ',' '{if($1=="'$1'"){print $0}}' $confile`
if [ -z "$_conf" ]; then
echo "[ERROR] host [$1] not found. check [$confile], abort."
exit 0
fi
_prox=`echo $_conf | awk -F ',' '{print $2}'`
_host=`echo $_conf | awk -F ',' '{print $3}'`
_port=`echo $_conf | awk -F ',' '{print $4}'`
_user=`echo $_conf | awk -F ',' '{print $5}'`
_psws=`echo $_conf | awk -F ',' '{print $6}'`
_pswd=`decode $_psws`
if [ -z "$_pswd" ]; then
echo "[ERROR] password($_psws) decode fatal. abort."
exit 1
fi
if [ -z "$_prox" ]; then
sshpass -p "$_pswd" ssh -o StrictHostKeyChecking=no -p $_port $_user@$_host
else
sshpass -p "$_pswd" ssh -o StrictHostKeyChecking=no -p $_port -o ProxyCommand="nc -X 5 -x $_prox %h %p" $_user@$_host
fi
}
function encode() {
echo -n "$1" | openssl enc -aes-128-ecb -a -e -K $key -nosalt
}
function decode() {
echo "$1" | openssl enc -aes-128-ecb -a -d -K $key -nosalt
echo ""
}
type ssh >/dev/null 2>&1 || { echo >&2 "require ssh but it's not installed. abort."; exit 1; }
type sshpass >/dev/null 2>&1 || { echo >&2 "require sshpass but it's not installed. abort."; exit 1; }
type nc >/dev/null 2>&1 || { echo >&2 "require nc(openbsd) but it's not installed. abort."; exit 1; }
type openssl >/dev/null 2>&1 || { echo >&2 "require openssl but it's not installed. abort."; exit 1; }
if [ ! -f $confile ]; then
echo "[ERROR] configure file [$confile] not exists. abort."
exit 0
fi
if [ $# -lt 1 ]; then
showUsage
exit 0
fi
case $1 in
help* | HELP* | \?* | \-* )
showUsage
;;
list* | LIST* | ls* )
listHost
;;
encode* | ENCODE* )
encode $2
;;
decode* | DECODE* )
decode $2
;;
* )
loginHost $1
;;
esac
需要安装ssh client/sshpass/netcat-openbsd/openssl软件,我用的是Debian系统,使用以下命令安装:
apt install openssh-client sshpass netcat-openbsd openssl
配置文件hh.conf的格式示例:
raveh@DESKTOP-MBGF84O:~/work/shell/hh$ cat hh.conf
# 格式示例
# 访问别名,代理:端口,SSH地址或域名,端口,用户,密码,分类,描述
# 直接访问
pi,,192.168.1.29,22,root,udJPY+zJ5CyoZHiKxipf2A==,树莓派,里面放着我的博客
# 使用代理访问
ppi,127.0.0.1:1080,192.168.1.29,22,root,udJPY+zJ5CyoZHiKxipf2A==,树莓派,里面放着我的博客
命令示例
hh alias # 登录主机
hh list # 列出所有主机
hh encode # 用于密码的加密
hh decode # 用于密码的解密
raveh@DESKTOP-MBGF84O:~/work/shell/hh$ hh encode 123
udJPY+zJ5CyoZHiKxipf2A==
raveh@DESKTOP-MBGF84O:~/work/shell/hh$ hh decode udJPY+zJ5CyoZHiKxipf2A==
123
raveh@DESKTOP-MBGF84O:~/work/shell/hh$ hh list
pi -- 树莓派 --> root@192.168.1.29:22 (里面放着我的博客)
ppi -- 树莓派 --> root@192.168.1.29:22 (里面放着我的博客-使用代理)
raveh@DESKTOP-MBGF84O:~/work/shell/hh$ hh pi
Linux raspberrypi 5.10.92-v8+ #1514 SMP PREEMPT Mon Jan 17 17:39:38 GMT 2022 aarch64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sat Feb 26 01:39:26 2022 from 192.168.1.28
root@raspberrypi:~ #
root@raspberrypi:~ # uptime
02:51:08 up 122 days, 13:08, 1 users, load average: 0.10, 0.01, 0.01
©raveh.net