Linux scripting: November 2011

Wednesday, November 16, 2011

How to have password prompts in perl script

The below code will help your scripts to have password prompts without echoing it to console. This will help you in hiding the password while running the scripts.

Subroutine

sub getadmininfo() {
print "Enter username: ";
chomp (my $adminusername = <STDIN>);
print "Enter password: ";
system('stty','-echo'); #Hide console input for what we type
chomp(my $adminpassword=<STDIN>);
system('stty','echo'); #Unhide console input for what we type
print "\n";
return (\$adminusername,\$adminpassword);
}

Call subroutine using

my ($adminusername,$adminpassword)= &getadmininfo();

Tuesday, November 15, 2011

Proxy server - Different modes

What’s a web proxy server?

A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes.

A) Forward proxy

Forward proxy is the most commonly used type of proxy servers. Clients from intranet request access the web server in internet through a forward proxy server. Proxy can be used to filter clients from accessing illegitimate and malicious web contents.

Advantages of forward proxies are

1) Enhanced privacy and security

2) Increased performance because of caching

3) Reduce internet bandwidth usage

4) Enforce corporate internet policies using ACL’s

5) Anti-malware and Anti-virus infections

B) Reverse proxy

Reverse proxy is commonly used in web farms. The response to the client is returned as if it came directly from the proxy server. Advantages of reverse proxy in server farm are as below.

1) Load balancing of web servers

2) Caching

3) Compression

4) Firewall

5) SSL offloading

C) Transparent proxy

A transparent proxy server is a proxy server configured in such a way that no client side (browser side) configuration is required. The www requests are intercepted at network level by making used of WCCP protocol or route map in network switches and forward the browsing request to proxy server. Transparent proxies are mostly used in ISP’s to reduce the bandwidth usage by making use of content caching feature in proxy.

Script for Resetting Root Password in Multiple Linux servers

OS: CentOS, Redhat
Scripting language: Perl
Perl module required: Net::SSH::Expect

What you need to do?

In server where the perl script will be executed, create a file "serverlist.txt" and add the server ip address line by line.

Eg:
192.168.0.1
192.168.0.2

Script is as below

#!/usr/bin/perl
use Net::SSH::Expect;

$oldpass = $ARGV[0];
$newpass = $ARGV[1];
chomp $newpass;

sub connect($$)
{
$password=shift;
$server=shift;
chomp $server;
chomp $password;
$ssh = Net::SSH::Expect->new (
host => $server,
password=> $password,
user => 'root',
raw_pty => 1,
timeout => 30
);
&login($ssh)
}

sub login($)
{
eval { $login_output = $ssh->login(); }; if ($@) {print "$server not found\n"; next; };
if ($login_output !~ /Last/) {
print "Login password error for server $server , please enter the password: ";
$inputpass = <STDIN>;
&connect($inputpass,$ip)
}
else {
# &resetpass();
$ssh->send("passwd");
$ssh->waitfor(':\s*\z', 10) or warn "$server - Error 'New password:' prompt not found\n";
$ssh->send("$newpass");
$ssh->waitfor(':\s*\z', 10) or warn "$server - Error 'Confirm new password:' prompt not found\n";
$ssh->send("$newpass");
$ssh->waitfor('#\s*\z', 10) or warn "$server - Error 'Prompt not found after reset:'\n";
print "$server new password is \t $newpass\n";
$ssh->close();
}

}

open (SERV,"serverlist.txt") || die "ERROR: Unable to open Serverlist file $! \n";

while ( $ip = <SERV> ) {

sleep 2;

&connect($oldpass,$ip);

}

Running the script

./passwordreset.pl <Oldpassword> <Newpassword>

The script will automatically login to the listed servers and reset the root password