Sep 05 2008

unix 服务器批量添加用户

Category: 技术ssmax @ 16:21:31

400多台服务器,一个个加会死人的,发现原来那个猪头全部都加了sudo su,就是不用输密码就可以su,写个脚本遍历服务器加用户算了。。。

padduser.sh

#!/bin/bash

auth_user=hjlong
auth_key=./id_rsa
iplist=./iplist.sample
gpass=./random.pl

new_user_name=ssmax
new_user_pass=1234321
new_user_key_file=./pub

new_user_auth=`$gpass $new_user_pass`
new_user_key=`cat $new_user_key_file`

if test -f $iplist; then
 for host in `cat $iplist`; do
  link=(`echo $host | awk -F’:’ ‘{print $1,$2}’`);
command=”
if test ! -d /home/$new_user_name; then
 useradd -m -p ‘$new_user_auth’ $new_user_name;
else
 echo user $new_user_name exist;
fi
if test -e \`grep $new_user_name /etc/sudoers 2>&1\`; then
 echo $new_user_name ‘ALL=NOPASSWD: ALL’ >> /etc/sudoers;
fi
if test -d /home/$new_user_name; then
 cd /home/$new_user_name
 if test ! -f .ssh/authorized_keys; then
 mkdir .ssh
 echo $new_user_key >> .ssh/authorized_keys
 fi
 chmod 700 .ssh
 chmod 600 .ssh/*
 chown -R $new_user_name:$new_user_name .ssh
fi
exit

ssh -t -t -o “StrictHostKeyChecking no” -o “ConnectTimeout 5” -p ${link[1]} -i $auth_key $auth_user@${link[0]} 2>&1 “sudo -S su – ” <<EOF
$command
EOF
#echo `ssh -t -t -o “StrictHostKeyChecking no” -o “ConnectTimeout 5” -p ${link[1]} -i $auth_key $auth_user@${link[0]} 2>&1 <<“$command” | sed “s/^/$host –/”`;
 done
fi

 

················································································

生成密码的perl,符合unix crypt和特殊的种子

random.pl

#!/usr/bin/perl

###########################################################
# Written by ssmax
# 31 August, 2008
###########################################################

# This function generates random strings of a given length
sub generate_random_string
{
        my $length_of_randomstring=shift;# the length of
                         # the random string to generate

        my @chars=(‘a’..’z’,’A’..’Z’,’0′..’9′);
        my $random_string;
        foreach (1..$length_of_randomstring)
        {
                # rand @chars will generate a random
                # number between 0 and scalar @chars
                $random_string.=$chars[rand @chars];
        }
        return $random_string;
}

#generate linux password
my $random_string = ‘$1$’.&generate_random_string(8);
print crypt(shift, $random_string);

 

几个尚未解决的地方,如果用户没有sudo,很麻烦,就变成半自动了,要手工输入密码

本来用sudo -S su – <<EOF

标准输入来做,怎么都可以自动下去的,但是debain会弹出not a tty的错误,redhat就无问题,很郁闷。

ssh那段基本上是试了几百次才试出来的。。。唉。

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.