| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | #! /usr/bin/expect set ip_array 192.168.11. ###### 网段前缀 set username root set timeout 30 #foreach ip {81 82 83 84 86 87 88 89 91 92 93 94 96 97 98 99} { ######IP for { set ip 21} {$ip <= 22} {incr ip} { ###### 大于等于11小于等于50,如果IP有规律可用 spawn ssh -p 22 $username@$ip_array$ip expect { "(yes/no)?" { send "yes\r" ; exp_continue } "Password:" { send "password\r" } } expect "*#" send "cp /etc/login.defs /etc/login.defs.bak\r" send "cp /etc/profile /etc/profile.bak\r" send "cp /etc/pam.d/common-password /etc/pam.d/common-password.bak\r" send "sed -i -e '/^PASS_MIN_DAYS/'d /etc/login.defs\r" send "sed -i -e '/^PASS_WARN_AGE/'d /etc/login.defs\r" send "sed -i -e '/^ca\:\:ctrlaltdel/'d /etc/inittab\r" # send "echo "#ca::ctrlaltdel:/sbin/shutdown -t3 -r now" >> /etc/inittab\r" send "echo PASS_MAX_DAYS 90 >> /etc/login.defs\r" send "echo PASS_MIN_DAYS 5 >> /etc/login.defs\r" send "echo PASS_WARN_AGE 7 >> /etc/login.defs\r" send "echo PASS_MIN_LEN 8 >> /etc/login.defs\r" send "echo TMOUT=300 >> /etc/profile\r" send "echo HISTFILESIZE=5 >> /etc/profile\r" send "echo HISTSIZE=5 >> /etc/profile\r" # send "echo umask 027 >> /etc/profile\r" send "echo password required pam_cracklib.so use_authtok minlen=8 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1 >> /etc/pam.d/common-password\r" send "echo auth required pam_tally2.so deny=5 onerr=fail no_magic_root unlock_time=300 >> /etc/pam.d/common-password\r" send "echo password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=5 >> /etc/pam.d/common-password\r" expect "*#" send "exit\r" } expect eof |
本文转自bard_zhang51CTO博客,原文链接:http://blog.51cto.com/timefiles/1882242 ,如需转载请自行联系原作者