Script that automatically issue "yes" and press enter

invinzin21 · February 15, 2017, 9:16am

Team,
Got a thousand servers. I created a script to say hello on every server. But is there a script or whatever that will issue a yes on every key checking.

for i in `cat myserverlist`
do
echo $i
ssh-copy-id $i
done




The authenticity of host 'server1 (162.162.0.10)' can't be established.
RSA key fingerprint is 1:29:3b:48:d6:e2:h8:18:21:56:4d:5abf.
Are you sure you want to continue connecting (yes/no

rbatte1 · February 15, 2017, 9:49am

You can try the command yes, however another way would be to change your ssh command to automatically accept the fingerprint. This has the drawback that you trust everything you connect to and you have to decide if this is okay.

You would also have to share your public SSH key to each & every target, else you will be prompted for your password for each & every one.

A few more questions though:-

What is in the script ssh-copy-id?
What is the OS & version or the client (where you run your script) and the servers you want to connect to? The output from uname -a pasted in CODE tags would be great.

Robin

invinzin21 · February 15, 2017, 9:53am

the ssh-copy-id is a command will copy your ssh keys from the server that you have the private key and public key. it will create authorized_keys as well and will change the permission. the os version is rhel 6.

rbatte1 · February 15, 2017, 10:03am

Okay, I've not used that before (you learn something new every day :rolleyes:)

How will you authenticate to each server to allow it to install your public SSH key? You will probably have to provide a password, after all you wouldn't want just anyone connecting and setting themselves up with a public key to login as root now, would you?

That may prove a bigger headache than responding to the prompts. Is there a privileged account that is already able to connect to each server? You should then be able to force out the new public key (making sure you get the permissions correct) through that.

Sadly, hindsight is a wonderful thing.

Robin

invinzin21 · February 15, 2017, 10:13am

Unfortunately no. that is why i create a for loop statement then type yes on every server. its a like a handshake

Corona688 · February 15, 2017, 10:17am

"interactive password authentication" means "password typed by a human being in realtime authentication" and no substitutes for human are acceptable to ssh. You'd have to trick it with a brute-forcing language like expect.

Chubler_XL · February 15, 2017, 3:42pm

Some ssh clients support the StrictHostKeyChecking option, I don't have RHEL 6 available here to try it out, but you could give this a go:

ssh-copy-id $i -o StrictHostKeyChecking=no

invinzin21 · February 16, 2017, 9:24am

Thanks all.. well we need to check the key. ANyway, no worries..I guess i can click YES to a thousand servers. but again. thank you