|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
#! /usr/bin/expect
set
ip_array 192.168.11.
###### 网段前缀
set
username root
set
timeout 30
#foreach ip {81 82 83 84 86 87 88 89 91 92 93 94 96 97 98 99} { ######IP
for
{
set
ip 21} {$ip <= 22} {incr ip} {
###### 大于等于11小于等于50,如果IP有规律可用
spawn
ssh
-p 22 $username@$ip_array$ip
expect {
"(yes/no)?"
{ send
"yes\r"
; exp_continue }
"Password:"
{ send
"password\r"
}
}
expect
"*#"
send
"cp /etc/login.defs /etc/login.defs.bak\r"
send
"cp /etc/profile /etc/profile.bak\r"
send
"cp /etc/pam.d/common-password /etc/pam.d/common-password.bak\r"
send
"sed -i -e '/^PASS_MIN_DAYS/'d /etc/login.defs\r"
send
"sed -i -e '/^PASS_WARN_AGE/'d /etc/login.defs\r"
send
"sed -i -e '/^ca\:\:ctrlaltdel/'d /etc/inittab\r"
# send "echo "#ca::ctrlaltdel:/sbin/shutdown -t3 -r now" >> /etc/inittab\r"
send
"echo PASS_MAX_DAYS 90 >> /etc/login.defs\r"
send
"echo PASS_MIN_DAYS 5 >> /etc/login.defs\r"
send
"echo PASS_WARN_AGE 7 >> /etc/login.defs\r"
send
"echo PASS_MIN_LEN 8 >> /etc/login.defs\r"
send
"echo TMOUT=300 >> /etc/profile\r"
send
"echo HISTFILESIZE=5 >> /etc/profile\r"
send
"echo HISTSIZE=5 >> /etc/profile\r"
# send "echo umask 027 >> /etc/profile\r"
send
"echo password required pam_cracklib.so use_authtok minlen=8 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1 >> /etc/pam.d/common-password\r"
send
"echo auth required pam_tally2.so deny=5 onerr=fail no_magic_root unlock_time=300 >> /etc/pam.d/common-password\r"
send
"echo password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=5 >> /etc/pam.d/common-password\r"
expect
"*#"
send
"exit\r"
}
expect eof
|
本文转自bard_zhang51CTO博客,原文链接:http://blog.51cto.com/timefiles/1882242 ,如需转载请自行联系原作者
