Masspass

From Mage
Jump to: navigation, search

Save this script. In the same directory, create a file called "meh" and put the new root password in it, create a file called "rmeh" and put the current root password in it, and create a file called "serverList" that contains a list of all the target servers you want changed.

This can only be run from a server with Expect installed.

vi ~/mp.sh

#!/usr/bin/bash
##########################################################
#                       Masspass
#                     Mar 18, 2013
##########################################################
# Uses Expect to massively update root passwords.
#
# Prereq: Install freaking expect or run it from a server
#         that already has it.
#
#         You need three additional files. "meh" will have
#         the new root password to update to. "rmeh" will
#         have the current root password in it.
#         "serverList.txt" is a list of all the servers
#         you want updated (one server per line).
#
#         If you don't have an ssh key in your ~/.ssh
#         folder this is going to be a looooooooooooooooo
#         oooooooooooooooooooooooooooong process for you.
##########################################################

# Username that will login to aaaaaaaaaall the servers.
# Yours will do just fine.

ohYou="foo"


# Your shell may not be my shell. What's the last character
# that is output before you can enter a command?
# Ex:
# root@server#
# So "#" in this example is the value we're looking for.

shellPrompt=">"


# We use flat files with passwords because it can be
# secured with chmod and doesn't leave our two biggest
# passwords on every clustered server's log files.

#         v File with the new root password you want.
meh=`more meh`


#          v File with the current root password in it.
rmeh=`more rmeh`


# File containing a list of servers to hit:
list="~/serverList"


# Use expect to, errr, expect things. Then do things!
while read thisHereServer; do
   /usr/bin/expect -c "
   spawn ssh -o StrictHostKeyChecking=no -o CheckHostIP=no $ohYou@$thisHereServer
   expect \"$shellPrompt\"
   send \"ssu\n\"
   expect \"$shellPrompt\"
   send \"passwd root\n\"
   expect \"assword:\"
   send \"$meh\n\"
   expect \"assword:\"
   send \"$meh\n\"
   expect \"$shellPrompt\"
   send \"exit\n\""
done < $list