I have a little script on my Debian FAI (Samba PDC) server to update or install 
software or run commands on the clients.
Upon installing the clients I set ssh to permit root login, but only from the 
Debian FAI server's IP address (the IP of the interface that 
provides DHCP for the clients). Clients must be running, of course.
In the script, eth1 is the interface that provides DHCP for the clients.
Is the script somewhat safe?

#!/bin/bash
# Install the tools the script needs if they are missing.
if which arp-scan >/dev/null; then
    echo exists
else
    apt-get -y install arp-scan
fi
if which sshpass >/dev/null; then
    echo exists
else
    apt-get -y install sshpass
fi
if which zenity >/dev/null; then
    echo exists
else
    apt-get -y install zenity
fi
# Ask for the clients' root password and for the command to run.
password=$(zenity --title "client updates" --password "paswoord")
command=$(zenity --title "command to run" --entry --text "enter your command, be sure it is non-interactive. \nFor example to install a program with apt-get use apt-get install -y program")
# Collect the IP address of every client that answers ARP on eth1.
arp-scan --interface eth1 --localnet --numeric --quiet --ignoredups |
    grep -E '([a-f0-9]{2}:){5}[a-f0-9]{2}' | awk '{print $1}' > /tmp/ip.txt
# Run the command as root on each client.
for IP in $(cat /tmp/ip.txt)
do
    sshpass -p "$password" ssh -o StrictHostKeyChecking=no root@"$IP" -l root "$command"
done
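
A hardened variant of the loop above, as an added example that is not part of the original post: it replaces `sshpass -p` (which puts the root password on the command line) with a key, verifies host keys instead of setting `StrictHostKeyChecking=no`, validates every address before it reaches ssh, and uses `mktemp` instead of `/tmp/ip.txt`. Assumptions: the key path, the known_hosts path, the `SSH` dry-run variable and the function names are hypothetical, and the public key and the clients' host keys were put in place at install time.

```shell
#!/bin/bash
# Added example, not the poster's script. Key and known_hosts paths are assumed.
KEY=${KEY:-/root/.ssh/fai_push_ed25519}                # dedicated key pair (assumed name)
KNOWN_HOSTS=${KNOWN_HOSTS:-/root/.ssh/fai_known_hosts} # host keys recorded at install (assumed)
SSH=${SSH:-ssh}                                        # set SSH=echo for a dry run

# Constructed arp-scan-style output for offline testing (not from a real network).
sample_scan() {
    printf 'Interface: eth1 (constructed header line)\n'
    printf '192.168.1.10\t00:11:22:33:44:55\n192.168.1.10\t00:11:22:33:44:55\n'
    printf '192.168.1.999\t00:11:22:33:44:66\n192.168.1.11;reboot\t00:11:22:33:44:77\n'
    printf '192.168.1.12\t00:11:22:33:44:88\n'
}

# Read scan output on stdin; print unique, well-formed IPv4 addresses only,
# so nothing but a dotted quad with octets <= 255 is ever handed to ssh.
extract_ips() {
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}[[:space:]]+([0-9a-f]{2}:){5}[0-9a-f]{2}([[:space:]]|$)' |
    while read -r ip rest; do
        ok=1; old_ifs=$IFS; IFS=.
        for o in $ip; do [ "$o" -le 255 ] || ok=0; done
        IFS=$old_ifs
        if [ "$ok" = 1 ]; then printf '%s\n' "$ip"; fi
    done | LC_ALL=C sort -u
}

# run_on IP COMMAND: key-based login, no password on the command line,
# and the client's host key must match the one stored in $KNOWN_HOSTS.
run_on() {
    "$SSH" -i "$KEY" -o BatchMode=yes -o PasswordAuthentication=no \
        -o StrictHostKeyChecking=yes -o UserKnownHostsFile="$KNOWN_HOSTS" \
        -o ConnectTimeout=10 "root@$1" "$2" </dev/null
}

# push_all COMMAND: scan eth1 as the original does, then run COMMAND on each client.
push_all() {
    list=$(mktemp) || return 1        # unpredictable name instead of /tmp/ip.txt
    arp-scan --interface eth1 --localnet --numeric --quiet --ignoredups | extract_ips > "$list"
    while read -r ip; do
        run_on "$ip" "$1" || echo "FAILED: $ip" >&2
    done < "$list"
    rm -f "$list"
}

# Usage: ./push.sh 'apt-get install -y program'   (does nothing without an argument)
[ $# -eq 0 ] || push_all "$1"
```
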
