MACBOOK 通过iterm2连接堡垒机跳转服务器

背锅浩

已于 2023-12-22 16:49:13 修改

阅读量767

点赞数 8

文章标签：服务器运维

于 2023-12-22 13:36:12 首次发布

本文链接：https://blog.csdn.net/weixin_39845407/article/details/135151047

版权

本公司是通过齐治堡垒机连接远程服务器的环境，因为连接过程中需要自动输入密码和选择主机，所以要使用expect工具，编写expect脚本
remote.exp

#!/usr/bin/expect

if { $argc != 7 } {
    send_user "usage: expect $argv0 \[JUMP_HOST\] \[JUMP_PORT\] \[JUMP_USER\] \[JUMP_PASSWORD\] \[HOST\] \[USER\] \[PASSWORD\]\n\n\t"
    send_user "*JUMP开头\t是堡垒机的登录信息\n\t"
    send_user "*非JUMP开头\t是连接目标主机的登录信息."
    exit
}

set timeout 5

set jump_host [lindex $argv 0]
set jump_port [lindex $argv 1]
set jump_user [lindex $argv 2]
set jump_pswd [lindex $argv 3]
set host [lindex $argv 4]
set user [lindex $argv 5]
set pswd [lindex $argv 6]

# 连接堡垒机
spawn ssh -p$jump_port $jump_user@$jump_host
# 登录堡垒机
expect {
   "*(yes/no*)?" {
       send "yes\r"
       expect "*assword:"
       send "$jump_pswd\r"
   }
    # 接受到password输入密码
    "*assword:" {
        send "$jump_pswd\r"
    }
}
# 选择登录主机
expect {
    "*:" {
        send "$host\r"
    }
}
# 选择登录用户 1 是 any
expect {
     "*:" {
        send "1\r"
    }
}
# 输入主机用户
expect {
    "*login:" {
        send "$user\r"
    }
}
# 输入主机密码
expect {
    "*assword:" {
        send "$pswd\r"
    }
}

interact

配置iterm2 profile
- Send text at start: /Users/aaa/scripts/remote.exp 堡垒机ip 堡垒机ssh端口堡垒机ssh用户堡垒机ssh密码跳转主机ip 跳转主机ssh用户跳转主机ssh密码

配置lrzsz
- mac上传脚本，根据自己rz sz命令路径修改

recv

cat /usr/local/bin/iterm2-recv-zmodem.sh

#!/bin/bash
# Author: Matt Mastracci (matthew@mastracci.com)
# AppleScript from http://stackoverflow.com/questions/4309087/cancel-button-on-osascript-in-a-bash-script
# licensed under cc-wiki with attribution required
# Remainder of script public domain

osascript -e 'tell application "iTerm2" to version' > /dev/null 2>&1 && NAME=iTerm2 || NAME=iTerm
if [[ $NAME = "iTerm" ]]; then
    FILE=`osascript -e 'tell application "iTerm" to activate' -e 'tell application "iTerm" to set thefile to choose folder with prompt "Choose a folder to place received files in"' -e "do shell script (\"echo \"&(quoted form of POSIX path of thefile as Unicode text)&\"\")"`
else
    FILE=`osascript -e 'tell application "iTerm2" to activate' -e 'tell application "iTerm2" to set thefile to choose folder with prompt "Choose a folder to place received files in"' -e "do shell script (\"echo \"&(quoted form of POSIX path of thefile as Unicode text)&\"\")"`
fi

if [[ $FILE = "" ]]; then
    echo Cancelled.
    # Send ZModem cancel
    echo -e \\x18\\x18\\x18\\x18\\x18
    sleep 1
    echo
    echo \# Cancelled transfer
else
    cd "$FILE"
    /opt/homebrew/bin/rz -E -e -b
    sleep 1
    echo
    echo
    echo \# Sent \-\> $FILE
fi

send

cat /usr/local/bin/iterm2-send-zmodem.sh
#!/bin/bash
# Author: Matt Mastracci (matthew@mastracci.com)
# AppleScript from http://stackoverflow.com/questions/4309087/cancel-button-on-osascript-in-a-bash-script
# licensed under cc-wiki with attribution required
# Remainder of script public domain

osascript -e 'tell application "iTerm2" to version' > /dev/null 2>&1 && NAME=iTerm2 || NAME=iTerm
if [[ $NAME = "iTerm" ]]; then
    FILE=`osascript -e 'tell application "iTerm" to activate' -e 'tell application "iTerm" to set thefile to choose file with prompt "Choose a file to send"' -e "do shell script (\"echo \"&(quoted form of POSIX path of thefile as Unicode text)&\"\")"`
else
    FILE=`osascript -e 'tell application "iTerm2" to activate' -e 'tell application "iTerm2" to set thefile to choose file with prompt "Choose a file to send"' -e "do shell script (\"echo \"&(quoted form of POSIX path of thefile as Unicode text)&\"\")"`
fi
if [[ $FILE = "" ]]; then
    echo Cancelled.
    # Send ZModem cancel
    echo -e \\x18\\x18\\x18\\x18\\x18
    sleep 1
    echo
    echo \# Cancelled transfer
else
    /opt/homebrew/bin/sz "$FILE" -e -b
    sleep 1
    echo
    echo \# Received $FILE
fi

配置Triggers

Regular expression: rz waiting to receive.\*\*B0100
            Action: Run Silent Coprocess
        Parameters: /usr/local/bin/iterm2-send-zmodem.sh
           Instant: checked

Regular expression: \*\*B00000000000000
            Action: Run Silent Coprocess
        Parameters: /usr/local/bin/iterm2-recv-zmodem.sh
           Instant: checked

* 如果是通过expect方式登录的服务器，需要做一下配置，写一个shell脚本加入 export LC_CTYPE=en_US

#!/bin/bash
# $1 是expect脚本，其他的参数就是登录堡垒机和服务器的参数

if [ $# -ne 8 ];then
    echo -e  "usage: $0 [EXPECT_SCRIPT_PATH] [JUMP_HOST] [JUMP_PORT] [JUMP_USER] [JUMP_PASSWORD] [HOST] [USER] [PASSWORD]\n\n\t"
    echo -e "*JUMP开头\t是堡垒机的登录信息\n\t"
    echo -e "*非JUMP开头\t是连接目标主机的登录信息."
    exit
fi

export LC_CTYPE=en_US

/usr/bin/expect $1 $2 $3 $4 $5 $6 $7 $8




# 运行示例

# bash /Users/test_user/scripts/login.sh /Users/test_user/scripts/remote.exp 172.88.88.88 22 test_user test_user_password 172.77.77.77 root 'root_password'

# 如果使用了这种方式的话，iterm2 profile 也需要对应的修改一下