uoregon-multissh 0.2.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b6c803a8837c4f704bfd43e4ee2b92e03afb75d419c9353d60bc8b596171ac03
+  data.tar.gz: 56dab86e92624866237d5e4f1f986e83961ac8660509ea4ae91d0bab3a9431b9
+SHA512:
+  metadata.gz: 386e2b55b1bf09ed100083b108fd38d276f29dcf9b51858848eddafa002bf7a56463eca9ce2c6c4c02997024d9e3601cbb5344429b2a2c291113c4845ff3bb72
+  data.tar.gz: ce46bd0c1e12847e5440f1027f058b11c99be94c93e07760488091df6f4ec59c2318dd5dd277573643db0df44762f4e331cf7d1454c94e53e7aceefed524f612

data/.gitignore

@@ -0,0 +1,5 @@
+.vscode
+tests.txt
+command.txt
+nodes.txt
+multissh-*.gem

data/.ruby-version

@@ -0,0 +1 @@
+2.5.3

data/Gemfile

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+gem 'net-ssh'
+gem 'parallel'
+gem 'colorize'

data/Gemfile.lock

@@ -0,0 +1,17 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    colorize (0.8.1)
+    net-ssh (5.1.0)
+    parallel (1.12.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  colorize
+  net-ssh
+  parallel
+
+BUNDLED WITH
+   2.0.1

data/README.md

@@ -0,0 +1,73 @@
+# MultiSSH
+
+Do all the things everywhere at the same time
+
+
+### Setup
+
+Clone the repo and install the required gems with bundler
+```
+git clone https://github.com/lcrownover/multissh
+cd multissh
+bundle install
+```
+
+On the first run, you'll be prompted to generate a credential file. 
+This file is stored at *~/.ssh/multissh.yaml*, with the owner as the current user and mode of 600.
+
+If you decline to generate this file, it will prompt for password if not provided via command line.
+
+If you don't have ssh-agent configured with your keys, it will prompt for a private key password during credential file generation, or during run if you opted out of the credential file.
+
+
+<br>
+
+### Usage
+
+```
+Usage: multissh.rb --nodes "server1,server2" --command "echo 'hello'"
+        --nodes "NODES"              REQUIRED: "server1,server2,server3" OR "@nodes.txt"
+        --command "COMMAND"          REQUIRED: "echo 'hello'" OR @command.txt
+        --username "USERNAME"        OPTIONAL: current user by default
+        --password "PASSWORD"        OPTIONAL: will prompt if needed
+        --pkey_password "PASSWORD"   OPTIONAL: will prompt if needed
+        --block                      OPTIONAL: block mode for command ouptut
+        --regenerate_config          OPTIONAL: regenerate configuration file
+        --debug                      OPTIONAL: debug mode
+```
+
+<br><br>
+
+### Examples
+
+Run a command against a comma-separated list of nodes
+```bash
+ruby multissh.rb --nodes "NODE1,NODE2" --command "COMMAND"
+```
+
+<br>
+
+Run a command against a file containing a newline-separated list of nodes
+```
+node1.example.org
+node2.example.org
+```
+
+```bash
+ruby multissh.rb --nodes @nodes.txt --command "COMMAND"
+```
+
+<br>
+
+Run a list of newline-separated commands against a newline-separated list of nodes
+```
+echo $(hostname)
+yum install ruby
+ruby -v
+```
+
+```bash
+ruby multissh.rb --nodes @nodes.txt --command @commands.txt
+```
+
+<br>

data/bin/multissh

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+require 'multissh'
+
+mssh = Multissh.new
+mssh.run
+

data/lib/cli.rb

@@ -0,0 +1,134 @@
+require_relative 'credential'
+
+class Cli
+  attr_accessor :username, :password, :key_password, :nodes, :command, :block, :debug, :credential
+
+  def initialize
+
+    @options = {}
+    opt_parse = OptionParser.new do |opt|
+      opt.banner = 'Usage: multissh.rb --nodes "server1,server2" --command "echo \'hello\'"'
+      opt.on('--nodes "NODES"', 'REQUIRED: "server1,server2,server3" OR "@nodes.txt"') { |o| @options[:nodes] = o }
+      opt.on('--command "COMMAND"', 'REQUIRED: "echo \'hello\'" OR @command.txt') { |o| @options[:command] = o }
+      opt.on('--username "USERNAME"', 'OPTIONAL: current user by default') { |o| @options[:username] = o }
+      opt.on('--password "PASSWORD"', 'OPTIONAL: will prompt if needed') { |o| @options[:password] = o }
+      opt.on('--pkey_password "PASSWORD"', 'OPTIONAL: will prompt if needed') { |o| @options[:pkey_password] = o }
+      opt.on('--disable_sudo', 'OPTIONAL: disable_sudo requirement and run as current user') { @options[:disable_sudo] = true }
+      opt.on('--block', 'OPTIONAL: block mode for command ouptut') { @options[:block] = true }
+      opt.on('--regenerate_config', 'OPTIONAL: regenerate configuration file') { @options[:regenerate_config] = true }
+      opt.on('--debug', 'OPTIONAL: debug mode') { @options[:debug] = true }
+    end
+    opt_parse.parse!
+
+    begin
+      valid_options_set = false
+      valid_options_set = true if @options[:nodes] && @options[:command]
+      valid_options_set = true if @options[:regenerate_config]
+
+      raise OptionParser::MissingArgument unless valid_options_set
+    rescue
+      puts "\n"
+      abort(opt_parse.help)
+    end
+
+    @username       = @options[:username]
+    @password       = @options[:password]
+    @pkey_password  = @options[:pkey_password]
+
+    @debug          = true if @options[:debug]
+    @regenerate     = true if @options[:regenerate_config]
+    @disable_sudo   = true if @options[:disable_sudo]
+
+    credential      = Credential.new(
+                      username      = @username, 
+                      password      = @password, 
+                      pkey_password = @pkey_password, 
+                      regenerate    = @regenerate, 
+                      debug         = @debug
+                    )
+    @username       = credential.username
+    @password       = credential.password
+    @pkey_password  = if credential.pkey_password == "" then nil else credential.pkey_password end
+
+    abort() if @options[:regenerate_config]
+
+    @nodes          = parse_nodes(@options[:nodes])
+    @command        = parse_command(@options[:command])
+    @block          = true if @options[:block]
+
+  rescue Interrupt
+    puts "\nCtrl+C Interrupt\n"
+    exit 1
+
+  end#initialize
+
+
+
+  def parse_nodes(nodes)
+    ##
+    # If '@' is used, return a list of nodes from a file
+    # Otherwise return a list of nodes parsed from comma-separated input from cli
+    #
+    if nodes.start_with?('@')
+      node_list = []
+      file_path = nodes[1..-1]
+      expanded_file_path = File.expand_path(file_path)
+      if File.exists? expanded_file_path
+        File.open(expanded_file_path, 'r') do |f|
+          f.each_line do |line|
+            line.chomp!.strip!
+            unless line.start_with?('#') || line.empty?
+              node_list.append(line)
+            end#unless
+          end#f.each_line
+        end#File.open
+      end#File.exists?
+      node_list
+    else
+      nodes.split(',').map(&:chomp)
+    end#if
+  end#parse_nodes
+
+
+  def parse_command(command)
+    ##
+    # If '@' is used, return a command string from a file
+    # Otherwise return specified command
+    #
+    if command.start_with?('@')
+      command_list = []
+      file_path = command[1..-1]
+      expanded_file_path = File.expand_path(file_path)
+      if File.exists? expanded_file_path
+        File.open(expanded_file_path, 'r') do |f|
+          f.each_line do |line|
+            line.chomp!.strip!
+            unless line.start_with?('#') || line.empty?
+              command_list.append(line)
+            end#unless
+          end#f.each_line
+        end#File.open
+      end#File.exists?
+      command_list.map! do |command|
+        command = format_command(command, @disable_sudo)
+      end
+      command = command_list.join('; ')
+    else
+      command = command.chomp
+      command = format_command(command, @disable_sudo)
+    end#if
+  end#parse_command
+
+
+  def format_command(command, disable_sudo=false)
+    pre_command = ". ~/.bash_profile; "\
+                  "export PATH=$PATH:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin; "
+    unless command[0..3] == 'sudo'
+      unless disable_sudo
+        command = 'sudo ' + command
+      end
+    end
+    pre_command + command + ' 2>&1'
+  end
+
+end

data/lib/credential.rb

@@ -0,0 +1,210 @@
+class Credential
+  attr_accessor :config_file_path, :username, :password, :pkey_password, :sudo_password, :snowflakes
+
+  def initialize(username, password, pkey_password, regenerate, debug)
+    @debug            = debug
+    @util             = Util.new(@debug)
+
+    @config_file_path = "#{%x{echo ~}.chomp}/.ssh/multissh.yaml"
+    @username         = set_username(username)
+    @password         = set_password(password)
+    @pkey_password    = pkey_password
+    @sudo_password    = nil
+    @snowflakes       = nil
+    @regenerate       = true if regenerate
+
+    generate_config if @regenerate
+    process_config
+  end
+
+
+  def process_config
+    if File.exist? @config_file_path
+      @util.dbg('configuration file exists')
+    else
+      @util.dbg('couldnt find configuration file')
+      generate_config
+    end
+
+    begin
+      @yaml = YAML.load_file(@config_file_path)
+    rescue
+      raise 'Configuration file detected but unable to properly load. Please regenerate using "multissh.rb --regenerate_config"'
+    end
+
+    if @yaml['enabled']
+      @util.dbg('credential enabled')
+      @util.dbg(@yaml)
+
+      unless @yaml['credentials'][@username]
+        printf "No saved credential for #{@username}, create one? [yes]: "
+        if @util.check_affirmative
+          credential = generate_credential_entry
+          @yaml['credentials'][@username] = credential
+          save_config
+          load_config
+        end
+      end
+
+      unless @password
+        @password = @util.decrypt(@yaml['credentials'][@username]['password'])
+        @util.dbg("password - #{@password}")
+      end
+
+      unless @pkey_password
+        @pkey_password = @util.decrypt(@yaml['credentials'][@username]['pkey_password'])
+        @util.dbg("pkey_password - #{@pkey_password}")
+      end
+
+      @sudo_password = @util.decrypt(@yaml['credentials'][@username]['sudo_password'])
+      @util.dbg("sudo_password - #{@sudo_password}")
+
+    else
+      @util.dbg('credential disabled')
+      unless @password
+        printf "Enter System Password: "
+        @password = STDIN.noecho(&:gets).chomp
+        puts "\n"
+      end
+
+      unless ssh_agent_loaded?
+        unless @pkey_password
+          puts "ssh-agent is not in use, falling back to manual entry"
+          printf "Enter Private Key Password: "
+          @pkey_password = STDIN.noecho(&:gets).chomp
+          puts "\n"
+        end
+      end
+    end
+  end
+
+
+  def set_username(username)
+    unless username.nil? or username == ''
+      @username = username
+    else
+      @username = %x{whoami}.chomp.to_s
+    end
+  end
+
+  def set_password(password)
+    if password == ""
+      printf "Enter System Password: "
+      password = STDIN.noecho(&:gets).chomp
+      password
+    else
+      password
+    end
+  end
+
+
+  def generate_config
+    @util.dbg('starting generation process')
+    unless @regenerate
+      puts    "\n\n\n\n"
+      puts    "* No existing configuration file found at path: ".red + "#{@config_file_path}".yellow
+      puts    "*"
+      puts    "* MultiSSH handles [sudo] prompts and private key failures by storing your credentials in its config file"
+      puts    "* The owner of this config file will be set to #{@username.green} with a mode of #{'600'.green}"
+      puts    "*"
+      puts    "* If you opt out, you will be prompted for your password on every run"
+      puts    "*"
+      printf  "* Would you like MultiSSH to store your credentials? (y/n): "
+      ans = gets.chomp.downcase
+      @util.dbg(ans)
+      until ['y','n'].include? ans
+        printf "Please answer only with 'y' or 'n': "
+        ans = gets.chomp.downcase
+      end
+      generate = (ans == 'y') ? true : false
+
+    else
+      generate = true
+      puts 'MultiSSH called with "--regenerate_config", generating new configuration file'
+    end
+
+    if generate
+      credential = generate_credential_entry
+      @yaml = { "enabled" => true, "credentials" => { @username => credential } }
+    else
+      @yaml = { "enabled" => false }
+    end
+
+    save_config
+    set_secure_permissions
+
+    unless generate then puts "configuration file set to disabled" end
+
+    puts "Configuration file saved to #{@config_file_path}".yellow
+    @util.dbg('end generation process')
+  end
+
+
+  def ssh_agent_loaded?
+    begin
+      @util.dbg('ssh-agent begin check')
+      Net::SSH::Authentication::Agent.new.connect!
+      @util.dbg('ssh-agent loaded')
+      true
+    rescue Net::SSH::Authentication::AgentNotAvailable
+      @util.dbg('ssh-agent not loaded')
+      false
+    end
+  end
+
+  def private_key_exist?
+    if !Dir.glob("#{%x{echo ~}.chomp}/.ssh/id_*").empty?
+      false
+    else
+      true
+    end
+  end
+
+  def generate_credential_entry
+    @util.dbg("generating new entry for #{@username}")
+    print "#{@username} - Password: "
+    password = STDIN.noecho(&:gets).chomp
+    epassword = @util.encrypt(password)
+    puts "\n"
+
+    unless ssh_agent_loaded?
+      pkey_password = nil
+      if private_key_exist?
+        print "#{@username} - SSH Private Key Password: "
+        pkey_password = STDIN.noecho(&:gets).chomp
+        epkey_password = @util.encrypt(pkey_password)
+        puts "\n"
+      end
+    end
+
+    credential = { "password" => epassword, "pkey_password" => epkey_password }
+    @util.dbg("credential:")
+    @util.dbg(credential)
+    return credential
+  end
+
+  def save_config
+    @util.dbg("saving config to '#{@config_file_path}'")
+    File.open(@config_file_path, 'w') { |f| f.write @yaml.to_yaml }
+  end
+
+  def load_config
+    @util.dbg("loading config from '#{@config_file_path}'")
+    @yaml = YAML.load_file(@config_file_path)
+  end
+
+
+  def set_secure_permissions
+    %x{chown #{@username} #{@config_file_path}; chmod 600 #{@config_file_path} }
+    target_uid = %x{id}.split[0].match('\d+').to_s
+    target_mode = '600'
+    file_uid = File.stat(@config_file_path).uid.to_s
+    file_mode = File.stat(@config_file_path).mode.to_s(8)[-3..-1]
+    @util.dbg("target_uid: #{target_uid}, target_mode: #{target_mode}")
+    @util.dbg("file_uid:   #{file_uid},   file_mode:   #{file_mode}")
+    unless target_uid == file_uid && target_mode == file_mode 
+      raise "Failed to set permissions on #{@config_file_path}".red
+    end
+  end
+
+end

data/lib/multissh.rb

@@ -0,0 +1,43 @@
+require 'net/ssh'
+require 'parallel'
+require 'optparse'
+require 'io/console'
+require 'colorize'
+require 'yaml'
+
+require_relative 'update'
+require_relative 'cli'
+require_relative 'worker'
+require_relative 'util'
+
+
+class Multissh < Cli
+
+  def run
+    tasks = []
+    @nodes.each do |node|
+      worker = Worker.new(
+        hostname=node.chomp, 
+        username=@username, 
+        password=@password,
+        pkey_password=@pkey_password,
+        sudo_password=@sudo_password,
+        command=@command, 
+        block=@block, 
+        debug=@debug,
+      )
+      tasks.append(worker)
+    end
+
+    results = Parallel.map(tasks) do |task|
+      task.go
+    end
+
+    rescue Interrupt
+      puts "\nCtrl+C Interrupt\n"
+      exit 1
+
+  end#run
+
+end#class
+

data/lib/update.rb

@@ -0,0 +1,31 @@
+class Update
+  attr_reader :local_revision, :remote_revision
+
+  def initialize(called_command)
+    begin
+      %x{git fetch -q}
+      @local_revision = %x{git rev-parse HEAD}
+      @remote_revision = (%x{git ls-remote --heads --tags origin}).split.first
+    rescue
+      @local_revision = nil
+      @remote_revision = nil
+    end
+
+    if update.local_revision != update.remote_revision
+      printf "MultiSSH update available. Would you like to update? (y/n): "
+      if ['y', 'Y'].include? gets.chomp
+        %x{git reset --hard origin/master && git pull}
+        at_exit do
+          %x{#{called_command}}
+        end#at_exit
+        exit 0
+      end#if
+    end#if
+  end#initialize
+
+  def show
+    puts "local: #{@local_revision}"
+    puts "remote: #{@remote_revision}"
+  end
+
+end

data/lib/util.rb

@@ -0,0 +1,86 @@
+class Util
+  def initialize(debug)
+    @debug = debug
+  end
+
+
+  def debug_top(data)
+    "\n\n\n#{('-'*80).blue}\n#{'raw data:'.yellow}\n#{data.inspect.yellow}\n\n#{'formatted:'.green}\n"
+  end
+
+
+  def debug_bottom
+    "#{('-'*80).blue}"
+  end
+
+  def dbg(msg)
+    if @debug
+      puts "debug: #{msg}".blue
+    end
+  end
+
+  def display_data(header, data)
+    if @debug then puts debug_top(data) end
+      
+    data.split(/\r\n?/).each do |line|
+      puts format_line(header, line)
+    end
+
+    if @debug then puts debug_bottom end
+  end
+
+  def check_affirmative
+    ans = ['y', 'yes', ''].include?(gets.chomp) ? true : false
+    dbg("affirmative = #{ans}")
+    puts "\n"
+    return ans
+  end
+
+  def format_line(header, line)
+    if not line.chomp.empty?
+      "#{header.blue}#{line}"
+    end
+  end
+
+  def display_error(error)
+    if @debug
+      puts error.backtrace
+      puts error
+    end
+  end
+
+
+  def show_summary(worker)
+    if @debug
+      puts "\n\n#{worker.to_s.blue}\n"
+    end
+  end   
+
+  def encrypt(s)
+    if s
+      ecarr = []
+      s.chomp.each_byte do |c|
+        (33..126).to_a.include?(c + 20) ? ecarr << (c + 20).chr : ecarr << (c + 20 - 94).chr
+      end
+      ecarr.join
+    else
+      ''
+    end
+  end
+
+
+
+  def decrypt(s)
+    if s
+      carr = []
+      s.chomp.each_byte do |c|
+        (33..126).to_a.include?(c - 20) ? carr << (c - 20).chr : carr << (c - 20 + 94).chr
+      end
+      carr.join
+    else
+      ''
+    end
+  end
+
+
+end

data/lib/worker.rb

@@ -0,0 +1,103 @@
+class Worker
+  def initialize(hostname, username, password, pkey_password, sudo_password, command, block, debug)
+    @hostname       = hostname
+    @username       = username
+    @password       = password
+    @pkey_password  = pkey_password
+    @sudo_password  = sudo_password
+    @command        = command
+    @block          = block
+
+    @header         = "#{hostname} -- "
+    @util           = Util.new(debug)
+  end
+
+
+  def go
+    @util.show_summary(self)
+
+    result = ''
+    begin
+      Net::SSH.start(@hostname, @username, :password => @password, :passphrase => @pkey_password, :non_interactive => true) do |ssh|
+        channel = ssh.open_channel do |channel, success|
+
+          # request a pseudo TTY formatted to screen width
+          cols = %x{tput cols}.chomp.to_i - @header.length
+          channel.request_pty(opts={:term=>'xterm',:chars_wide => cols})
+
+          @util.dbg("sending command: #{@command}")
+          channel.exec(@command)
+
+          channel.on_data do |channel, data|
+
+            attempts = 0
+
+            if attempts >= 2
+              raise 'failed to connect -- too many attempts'
+            end
+
+            if data =~ /Sorry, try again/
+              raise 'failed to connect -- incorrect sudo password'
+            end
+
+            if data =~ /#{@username}@#{@hostname}'s password:/
+              raise 'failed to connect -- password failed'
+            end
+
+            if data =~ /^\[sudo\] password for / and attempts == 0
+              if @sudo_password
+                channel.send_data "#{@sudo_password}\n"
+              elsif @password
+                channel.send_data "#{@password}\n"
+              else
+                raise 'failed to connect -- no sudo_password or password defined'
+              end
+              attempts += 1
+              @util.dbg("attempts: #{attempts}")
+            elsif data =~ /^\[sudo\] password for / and attempts == 1
+              channel.send_data "#{@password}\n"
+              attempts += 1
+              @util.dbg("attempts: #{attempts}")
+            end
+
+            unless @block
+              @util.display_data(@header, data)
+            else
+              result += data.to_s
+            end
+
+          end
+
+        end
+
+        channel.wait
+
+        if @block
+          @util.display_data(@header, result)
+          puts "\n"
+        end
+
+      end#start
+
+    rescue SocketError => e
+      @util.display_error(e)
+      puts "Failed to connect to #{@hostname}\n".red
+
+    rescue RuntimeError => e
+      @util.display_error(e)
+      puts "#{@hostname} -- incorrect password, failed to connect".red
+
+    rescue => e
+      @util.display_error(e)
+
+    end
+
+  end
+  
+
+  def to_s
+    "Worker: {hostname:'#{@hostname}',username:'#{@username}',password:'#{@password}',command:'#{@command}',block:'#{@block}'"
+  end
+
+
+end

data/multissh.gemspec

@@ -0,0 +1,14 @@
+Gem::Specification.new do |spec|
+  spec.name        = 'uoregon-multissh'
+  spec.version     = '0.2.2'
+  spec.date        = '2019-05-14'
+  spec.summary     = "Do all the things everywhere at the same time"
+  spec.description = "Quickly run multiple commands on many boxes at the same time"
+  spec.authors     = ["Lucas Crownover"]
+  spec.email       = 'lcrownover127@gmail.com'
+  spec.homepage    = 'https://www.savethemanatee.org/manatees/facts/'
+  spec.files       = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.executables = ["multissh"]
+  spec.require_paths = ["lib"]
+  spec.license     = 'MIT'
+end

metadata

@@ -0,0 +1,57 @@
+--- !ruby/object:Gem::Specification
+name: uoregon-multissh
+version: !ruby/object:Gem::Version
+  version: 0.2.2
+platform: ruby
+authors:
+- Lucas Crownover
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-05-14 00:00:00.000000000 Z
+dependencies: []
+description: Quickly run multiple commands on many boxes at the same time
+email: lcrownover127@gmail.com
+executables:
+- multissh
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".ruby-version"
+- Gemfile
+- Gemfile.lock
+- README.md
+- bin/multissh
+- lib/cli.rb
+- lib/credential.rb
+- lib/multissh.rb
+- lib/update.rb
+- lib/util.rb
+- lib/worker.rb
+- multissh.gemspec
+homepage: https://www.savethemanatee.org/manatees/facts/
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: Do all the things everywhere at the same time
+test_files: []