Fibre Channel (SAN)

Automating sshutil importpubkey

Here's an expect script for automating ssh key uploads.


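#!/usr/bin/expect -f
#
# Imports an SSH public key onto a switch by driving the interactive
# "sshutil importpubkey" dialogue over an ssh session.
#
# Usage:
#   ./test.exp <switch ip> <switch admin user> <switch admin password> \
#              <switch user of ssh key> <host where public key sits> \
#              <ssh key host user> <ssh key host password> [key directory]
#
# The optional 8th argument is the directory on the key host that holds the
# public key; it defaults to /home/kippenn, the path in the original script.
#
# Command-line arguments are visible to other local users (process list) and
# end up in shell history. To keep the two passwords off the command line,
# pass "" for them and export SW_ADMIN_PASSWORD / KEY_HOST_PASSWORD instead.
#
# Exit status: 0 on success, 1 on any failed step, 2 on bad usage.

set force_conservative 0  ;# set to 1 to force conservative mode even if
                          ;# script wasn't run conservatively originally
if {$force_conservative} {
        set send_slow {1 .1}
        # Slow replacement for send; callers must use the "send -- text" form.
        proc send {ignore arg} {
                sleep .1
                exp_send -s -- $arg
        }
}

# Return positional argument $index, or the environment variable $envname
# when that argument is empty or missing.
proc secret_arg {index envname} {
        global argv env
        set value [lindex $argv $index]
        if {[string length $value] == 0 && [info exists env($envname)]} {
                set value $env($envname)
        }
        return $value
}

# Wait for $pattern (glob). Abort on timeout or EOF so that later input,
# passwords included, is never typed at a prompt we did not actually reach.
proc await {pattern what} {
        expect \
                timeout { send_user "\nTimed out waiting for $what\n"; exit 1 } \
                eof { send_user "\nConnection closed while waiting for $what\n"; exit 1 } \
                -gl $pattern
}

if {[llength $argv] < 7} {
        send_user "usage: $argv0 <switch ip> <switch admin user> <switch admin password> <switch user of ssh key> <key host> <key host user> <key host password> \[key directory\]\n"
        exit 2
}

set timeout 6
set swhostname [lindex $argv 0]
set swusername [lindex $argv 1]
set swpassword [secret_arg 2 SW_ADMIN_PASSWORD]
set swusername2 [lindex $argv 3]
set keyhost [lindex $argv 4]
set keyuser [lindex $argv 5]
set keypass [secret_arg 6 KEY_HOST_PASSWORD]
set keydir "/home/kippenn"
if {[llength $argv] > 7} {
        set keydir [lindex $argv 7]
}
#log_user 0

send_user "\n####\n# $swhostname\n####\n"

# NOTE(review): StrictHostKeyChecking=no makes ssh accept an unknown host key
# without verification, so the admin password sent below can go to a host that
# was never authenticated. Prefer pre-loading the switches' host keys into
# known_hosts and dropping this option.
spawn ssh -q -o StrictHostKeyChecking=no $swusername@$swhostname

# The password-prompt pattern was missing from the published listing; this
# glob is a reconstruction -- adjust it to the prompt your switch prints.
expect {
        timeout { send_user "\nFailed to get password prompt\n"; exit 1 }
        eof { send_user "\nSSH failure for $swhostname\n"; exit 1 }
        "*assword:*"
}

send -- "$swpassword\r"

expect {
        timeout { send_user "\nLogin failed. Password incorrect.\n"; exit 1 }
        eof { send_user "\nSSH failure for $swhostname\n"; exit 1 }
        "*admin> "
}

send_user "\nPassword is correct\n"

# Walk the importpubkey dialogue one prompt at a time.
send -- "sshutil importpubkey\r"
await "*imported:" "user name prompt"
send -- "$swusername2\r"
await "*IP address:" "key host prompt"
send -- "$keyhost\r"
await "*directory:" "remote directory prompt"
send -- "$keydir\r"
await "*suffix):" "key file name prompt"
send -- "\r"   ;# empty answer, as in the original script
await "*login name:" "key host login prompt"
send -- "$keyuser\r"
await "*Password: " "key host password prompt"
send -- "$keypass\r"
await "*imported successfully.\r\n*:admin> " "import confirmation"
send -- "exit\r"
expect eof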

I just used a for loop to read a list of switches and passed each one to the expect script, along with the other parameters.  I would have hard-coded all the variables, but for security reasons I didn't.  Keep in mind that passwords passed as command-line arguments can still be seen in the process list and in shell history.  You'll also need to change the name of the public key file and the home directory path as needed.


