Bash script to pull pending Linux security updates from remote servers - linux

I'm trying to pull pending Linux updates from remote servers and plug them into Nagios. Here's a stripped-down version of the code - the code that's giving me an error:
UPDATES=$(sshpass -p "password" StrictHostKeyChecking=no user@server:/usr/lib/update-notifier/apt-check 2>&1)
echo $UPDATES
Error message:
sshpass: Failed to run command: No such file or directory

Command in the question is wrong in multiple ways.
sshpass -p"password" \
ssh -o StrictHostKeyChecking=no user@server "/usr/lib/update-notifier/apt-check" 2>&1
For the -p option, there shouldn't be any space between the option and the value.
sshpass needs a command as argument, which is ssh in this case.
StrictHostKeyChecking=no should be following the option -o for ssh.
A space, not a : is needed between user@server and the command you are going to run remotely, i.e., /usr/lib/....
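As an added example (not from the original question or answer), a shell function that turns the captured output into a Nagios plugin result. It relies on apt-check printing `<pending>;<security>` on stderr; the severity policy and the sample captures are assumptions constructed for illustration.

```shell
#!/bin/sh
# Turn captured apt-check output into a Nagios plugin status line and exit code.
# apt-check writes "<pending>;<security>" to stderr, so with 2>&1 the capture can
# also hold ssh messages (host-key warning, auth errors); only the last line is parsed.
# Assumed policy (not from the page): security updates => CRITICAL, others => WARNING.
apt_check_to_nagios() {
    last=$(printf '%s\n' "$1" | tail -n 1)
    if ! printf '%s\n' "$last" | grep -Eq '^[0-9]+;[0-9]+$'; then
        echo "UNKNOWN - no apt-check result in output"
        return 3
    fi
    pending=${last%%;*}
    security=${last##*;}
    perf="| pending=$pending security=$security"
    if [ "$security" -gt 0 ]; then
        echo "CRITICAL - $security security updates pending ($pending total) $perf"
        return 2
    elif [ "$pending" -gt 0 ]; then
        echo "WARNING - $pending updates pending $perf"
        return 1
    fi
    echo "OK - no pending updates $perf"
    return 0
}

# Constructed sample captures (not real server output).
first_contact="Warning: Permanently added 'server' (ED25519) to the list of known hosts.
12;3"
auth_failure="Permission denied, please try again."

demo() {
    for capture in "$first_contact" "0;0" "$auth_failure"; do
        rc=0
        line=$(apt_check_to_nagios "$capture") || rc=$?
        echo "exit=$rc $line"
    done
}
demo
```

Anything that is not a clean `N;M` result, including the sshpass error from the question, maps to UNKNOWN instead of being reported as zero updates.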

Related

cat command not working as expected using ssh

I am creating a YAML file in GitHub Actions to install software on Linux servers created using Terraform. Using the pipeline, I am able to ssh into the Linux servers. On one of the servers I am creating a .ssh directory and an id_rsa file (which contains the private key of the other server), which I intend to use to scp into the other server to copy some files. I have used the echo command to copy the private key to the id_rsa file. I want to view the content of id_rsa to make sure the correct private key is copied. I am using the cat command but it does not work. Here is my code:
ssh chefnode -T
ssh chefnode -t 'sudo apt-get update && sudo apt-get upgrade -y'
ssh chefnode -t 'echo "$INFRA_PRIVATE_KEY" > "/home/'$SSH_NODE_USER'/.ssh/id_rsa"'
ssh chefnode -t 'cat "/home/'$SSH_NODE_USER'/.ssh/id_rsa"'
The commands run, but the cat command does not return any output. It does not fail. The pipeline passes, but this command does not render any output. I have tried the following combinations as well, but nothing works:
ssh chefnode -t 'cat /home/"$SSH_NODE_USER"/.ssh/id_rsa'
ssh chefnode -t 'cat /home/$SSH_NODE_USER/.ssh/id_rsa'
ssh chefnode -t cat /home/'$SSH_NODE_USER'/.ssh/id_rsa
ssh chefnode -t cat /home/$SSH_NODE_USER/.ssh/id_rsa
I tried this too
ssh chefnode -t 'echo "$INFRA_PRIVATE_KEY" > "/home/'$SSH_NODE_USER'/.ssh/id_rsa"'
ssh chefnode -t 'cd "/home/'$SSH_NODE_USER'/.ssh";"cat id_rsa"'
It says cat command not found. I just want to view the contents of the id_rsa file; not sure what I am doing wrong.
ssh chefnode -t 'echo "$INFRA_PRIVATE_KEY" > "/home/'$SSH_NODE_USER'/.ssh/id_rsa"'
Unless $INFRA_PRIVATE_KEY is a variable set by the login environment on chefnode, this is likely to be empty.
I assume you wanted to send a variable set on the local console, but as written this literally sends "$INFRA_PRIVATE_KEY" to the server which probably expands to nothing (i.e. the file is actually empty).
You probably instead want something like:
ssh chefnode -t 'echo "'"$INFRA_PRIVATE_KEY"'" > "/home/'$SSH_NODE_USER'/.ssh/id_rsa"'
which locally expands the variable and then sends it with quoting (assuming there are no quotes embedded in the variable value itself).
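An added example, not part of the original answer, comparing the question's form, the answer's form and sending the value over stdin. `fake_ssh` is a hypothetical local stand-in for `ssh chefnode`, and `SECRET` is a constructed value with embedded quotes and a `$`.

```shell
#!/bin/sh
# Stand-in for `ssh host CMD` (assumption for offline use): like sshd, it hands
# CMD to a fresh shell that inherits none of the caller's variables.
fake_ssh() { env -i PATH="$PATH" HOME=/home/demo sh -c "$1"; }

# Constructed sample value: multi-line, with embedded quotes and a "$".
SECRET='first line "quoted"
second line $HOME'

# 1. Form from the question: single quotes send the text $SECRET itself, and
#    the remote shell expands it to nothing.
write_remote_expand() { fake_ssh 'echo "$SECRET" > "'"$1"'"'; }

# 2. Form from the answer: expanded locally, but the value is then re-parsed by
#    the remote shell (quotes stripped, $HOME expanded) and appears in argv.
write_local_expand() { fake_ssh 'echo "'"$SECRET"'" > "'"$1"'"'; }

# 3. Value sent over stdin: never part of the command string, so no quoting
#    rules apply; umask keeps the new file private to its owner.
write_via_stdin() { printf '%s\n' "$SECRET" | fake_ssh 'umask 077; cat > "'"$1"'"'; }

# Compare a written file with the intended value without printing the value.
matches_secret() { printf '%s\n' "$SECRET" | cmp -s - "$1"; }

demo() {
    dir=$(mktemp -d) || return 1
    write_remote_expand "$dir/a"; write_local_expand "$dir/b"; write_via_stdin "$dir/c"
    for f in a b c; do
        if matches_secret "$dir/$f"; then echo "$f: intact"; else echo "$f: altered"; fi
    done
    rm -rf "$dir"
}
demo
```

Checking the result with `cmp` (or a key fingerprint) instead of `cat` also keeps the private key out of the pipeline log.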

SCP and sshpass - Can't copy from remote source to local destination using script on PIs - debian11

I am struggling to copy files from a remote source to my local destination.
I am using scp and I have tried adding sshpass to send the password.
I have a script that copies from my local source to a remote destination, which works:
sudo sshpass -p "pi" ssh -o StrictHostKeyChecking=no pi@$VAR_IP ls /some_dir
This just connects to it without having to put in additional commands to accept the connection if it is the first time.
sudo sshpass -p "pi" scp /path_to_app/$VAR_APP pi@$VAR_IP:/home/pi/$VAR_APP/
This successfully copies from my local source to my remote destination.
Now... Even though the scp documentation says I can scp from a remote source to a local destination,
I can't seem to get it to work. Here is how I am trying to do it in a different script:
sudo sshpass -p "pi" ssh -o StrictHostKeyChecking=no pi@$VAR_IP ls /some_dir
This is just to initialize, so as not to have to accept the connection, same as the last script.
sudo sshpass -p "pi" scp pi@$VAR_IP:/home/pi/$VAR_APP/logs/file /some_local_dir/
This gives me the error: scp: /home/pi/App_Name/logs/file: No such file or directory
The path doesn't exist on local but does on remote, so it seems it is trying to find it locally instead of remotely. Any ideas on this?
I looked at all the related posts about this and the man pages but can't find an answer to my specific case.
I cannot do the cert key thing as I have too many sites; it would take forever.
I saw in one of the posts someone tried it without sshpass. I tried it too, like this:
sudo scp pi:pi@$VAR_IP:/home/pi/$VAR_APP/logs/file /some_local_dir/
This gave me the error: ssh: Could not resolve hostname pi: Name or service not known
I don't think it works like that, so I didn't go further down that vein.
I hope I gave enough info with clarity.
Any help would really be appreciated.
Thank you so much for your time and input.
You mention that this command is not working: sudo sshpass -p "pi" scp pi@$VAR_IP:/home/pi/$VAR_APP/logs/file /some_local_dir/
Did you check this?
sudo sshpass -p "pi" ssh pi@$VAR_IP 'ls -l /home/pi/$VAR_APP/logs/file /some_local_dir/' to check that the directory exists.
If that issue is still there, I recommend you try pssh and pscp, which are parallel ssh tools that could do the same thing as sshpass.
I managed to fix it, for anyone that comes across this problem.
Here is how I found the fix:
The file I was looking for was a root file but I was sshing as pi.
Even though I sudoed the script, and sudoed sshpass,
that does not mean scp is sudo, so each command in a line needs its own sudo.
E.g.:
sudo sshpass -p "pi" scp pi@IP:/file /local_dir/
This doesn't work because sshpass has sudo but scp does not. However,
sudo sshpass -p "pi" sudo scp pi@IP:/file /local_dir/
This works perfectly because scp now has sudo rights.

Running linux commands inside bash script throws permission denied error

We have a Linux script in our environment which does ssh to a remote machine with a common user and copies a script from the base machine to the remote machine through scp.
Script Test_RunFromBaseVM.sh
#!/bin/bash
# Space-separated list of target hosts, passed as a single argument
machines=$1
for machine in $machines
do
    ssh -tt -o StrictHostKeyChecking=no "${machine}" "mkdir -p -m 700 ~/test"
    scp -r bin conf.d "${machine}":~/test
    ssh -tt "${machine}" "cd ~/test; sudo bash bin/RunFromRemotevm.sh"
done
Script RunFromRemotevm.sh
#!/bin/bash
echo "$(date +"%Y/%m/%d %H:%M:%S")"
Before running the Test_RunFromBaseVM.sh script on the base VM, we run the two commands below.
eval $(ssh-agent)
ssh-add
Executing ./Test_RunFromBaseVM.sh "<list_of_machine_hosts>" gives a permission denied error:
[remote-vm-1] bin/RunFromRemotevm.sh:line 2: /bin/date: Permission denied
Any clue or insights on this error will be of great help.
Thanks.
I believe the problem is the presence of the NOEXEC: tag in the sudoers file, corresponding to the user (or group) that's executing the "cd ~/test; sudo bash bin/RunFromRemotevm.sh" command. This causes any further execv(), execve() and fexecve() calls to be refused; in this case it's /bin/date.
The solution is obviously to remove the NOEXEC: from the main /etc/sudoers file or some file under /etc/sudoers.d, wherever this is defined.

combining ssh and scp command in shell script

Is there any way I can combine the following commands into one command? I do not want to login in each time for each command.
sshpass -p 'somepwd' ssh user@server "mkdir -p /home/user/test"
sshpass -p 'somepwd' scp file.sh user@server:/home/user/test
sshpass -p 'somepwd' scp /test/somefile.txt user@server:/home/user/test
sshpass -p 'somepwd' ssh user@server -C "cd /home/user/test;./file.sh"
I did check the answer for combining multiple commands when using ssh and scp. Based on that I would still need 3 logins: one for the first ssh and mkdir, one for scp, and one for ssh and running the shell script.
Is there a better solution?
Use public/private keys instead of password authentication. Not only will this simplify the use of ssh, it is much more secure, especially after you disallow password authentication on the server you are connecting to. Using password authentication means you will get hacked, or your server has already been compromised and you don't know it yet. The rest of this answer assumes you have set up public/private keys.
I see you have files in /test. Don't put your work in the root directory, this invites security issues. Instead, work in your home directory unless you are experienced with setting up permissions properly.
Because file.sh is in your current directory (whatever that is) and you want a file from /test/ you cannot use rsync. rsync would be a good choice if all your files lived in the same directory.
Here is what we are left with; I have not messed with the location of /test/ because I don't know enough about the task:
ssh user@server "mkdir -p /home/user/test"
scp file.sh user@server:/home/user/test
scp /test/somefile.txt user@server:/home/user/test
ssh user@server -C "cd /home/user/test;./file.sh"
With GNU tar and ssh:
tar -c file.sh test/somefile.txt | sshpass -p 'somepwd' ssh user@server -C "tar -C / --transform 's|test/||;s|^|/home/user/test/|' --show-transformed-names -xv; cd /home/user/test; ./file.sh"
For more secure methods to pass the password with sshpass, see man sshpass.

SSH works in Terminal but not in shell script

I am trying to execute a script I uploaded to an AWS instance. If I run the following command in my MacBook Terminal, it succeeds:
ssh -o StrictHostKeyChecking=no -i ~/.ec2/my.pem ec2-user@ec2-<address>.amazonaws.com "chmod u+x ./myScript.sh"
I ported the same command to a simple shell script on my local machine, where I pass in the information:
#!/bin/sh
# myLocalScript.sh
host=$1
pem=$2
fileName=$3
ssh -o StrictHostKeyChecking=no -i $pemkey ec2-user@$host "chmod u+x ./$fileName"
When I run it using this command:
sh myLocalScript.sh ec2-user@ec2-<address>.amazonaws.com ~/.ec2/my.pem myScript.sh
I get the following error:
Warning: Identity file ec2-user@ec2-<address>.amazonaws.com not accessible: No such file or directory.
ssh: Could not resolve hostname chmod u+x ./myScript.sh: nodename nor servname provided, or not known
What am I doing wrong?
You need $pem not $pemkey.
Additionally, you should get into the habit of double-quoting variables, except in very special situations where you really want an empty variable to "disappear".
