最近需要大规模修改服务器密码,如果每台登陆的话,需要耗费大量的时间,在网上搜索了下,找到批量修改服务器密码 的方法。
#!/bin/sh
<<INFO
DESCRIBE:批量修改远程主机root密码
SYSTEM:CentOS7/RedHat7
WARNING:1.密码中不能有"$"、"#" 、"!"符号 2.执行脚本的机器与远程主机网络通 3.远程主机原始密码需一致
MODIFY:
INFO
######################定义变量######################
USERNAME="root" #登陆的账户
ROOTPWD="123456" #登陆的密码
CHUSERNAME="test" #需要修改密码的账户
NEWPWD="654321"
ERROR_FILE="/tmp/modify_pwd_error.txt"
######################异常校验######################
cecho(){
echo -e "\033[$1m$2\033[0m"
}
[ "$#" -eq 0 ] && cecho 31 "参数错误,请按照如下传输 'sh chpwd.sh 192.168.1.1 192.168.1.2'" && exit 1
source /etc/profile
if ! expect -v &> /dev/null;then
cecho 31 "ERROR:Please Install expect" && sleep 2 && yum install -y expect && exit 1
fi
######################功能函数######################
#检测IP合法性
Check_IP(){
local ip=$1
if ! echo ${ip} |grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' &> /dev/null;then
cecho 31 "ERROR:${ip} Invalid!!!" && exit 1
fi
}
#检查密码是否正确
Check_Pwd(){
local ip=$1
local user=$2
local pwd=$3
expect << EOF
set timeout 3
spawn ssh ${user}@${ip} -o "StrictHostKeyChecking no" -t -t "echo 1"
expect "(yes/no)" {send "yes\r"}
expect "password:" {send "${pwd}\r"}
expect "#" {send "exit\r"}
EOF
}
#修改用户密码
Modify_User_Pwd(){
local ip=$1
expect << EOF
set timeout 5
spawn ssh ${USERNAME}@${ip} -o "StrictHostKeyChecking no"
expect "(yes/no)" {send "yes\r"}
expect "password:" {send "${ROOTPWD}\r"}
expect "#" {send "echo 正在修改密码\r"}
expect "#" {send "who\r sleep 1\r"}
expect "*#" {send "echo \"${CHUSERNAME}:${NEWPWD}\" |chpasswd :\r"}
expect "*#" {send "exit\r"}
EOF
}
######################主程序######################
[ -f "${ERROR_FILE}" ] && cecho 31 "ERROR:${ERROR_FILE}已存在!!!" && exit 1
for ip in "$@"
do
#检测IP合法性
Check_IP ${ip}
#检测网络是否可达
if ! ping -c3 -w1 -i0.2 ${ip} &> /dev/null;then
cecho 31 "ERROR:${ip} Unreachable!!!" >> ${ERROR_FILE}
continue
fi
#检测原密码是否正确
result=$(Check_Pwd "${ip}" "${USERNAME}" "${ROOTPWD}")
if echo "$result" | grep 'ry again' &> /dev/null;then
cecho 31 "ERROR:${ip} Old Password Is Error!!!" >> ${ERROR_FILE}
continue
fi
#修改密码
Modify_User_Pwd ${ip}
#检测新密码是否正确
result=$(Check_Pwd "${ip}" "${CHUSERNAME}" "${NEWPWD}")
if ! echo "$result" | grep 'ry again' &> /dev/null;then
cecho 96 "${ip} Modify Success!"
else
cecho 31 "ERROR:${ip}Modify Error!!!" >> ${ERROR_FILE}
exit 1
fi
done
clear
if [ ! -f "${ERROR_FILE}" ];then
cecho 96 "All Host Password Modify Is Success!"
else
cat "${ERROR_FILE}"
rm -f "${ERROR_FILE}"
fi