checkhosts -- scan a list of hosts and run a given script on them
checkhosts [-HIPSbh] [-A authmode] [-o dir] [-r script] -f file
For every host in the input, the checkhosts utility will check whether or not the host pings, check if sshd is listening on port 22 of the remote host, and finally tries to run the specified script on the remote host. The script is piped into the ssh command, and executed on the remote side via bash(1) . The output from the script is collected in the output file, prepended with the hostname (and IP address) that checkhosts used to connect to this host. Any and all other output formatting is the responsibility of the remote script or the post-processing script.
The following options are supported:
The script executed on the remote side is executed with bash(1) (either explicitly or via the headless user’s shell). Hence, it needs to be a valid bash script, though due to different versions of bash found on different hosts, it is recommended to have the script be /bin/sh compatible. The script can be as simple or complex as you like, and in theory you should be able to let it perform any possible task you can script (including generating code in another language, storing it in another file, compiling it if needed and executing it).
Please note that if the script contains sudo(8) invocations, the password will actually be echoed back on the terminal! This is due to the way sudo(8) and ssh(1) interact when called from a script. Please take care to not let anybody shoulder-surf and do not store the output in any files readable by anybody else.
Input can be provided via the -f file flag. Multiple -f filename are allowed. The input format of the file is two fields per line, the first field being the hostname, the second the IP address of the host. Lines starting with a # are treated as comments and ignored.
Output is generated into the following distinct files:
hosts_checked The list of hosts that checkhosts attempted to connect to.
checkhosts spawns a large number of ssh processes, and sometimes it can be necessary to monitor them to ensure they are not hung. ssh(1) is invoked by checkhosts via a wrapper named “.checkhosts-ssh” in the output directory to ensure that its connections can easily be distinguished from normal ssh connections.
The use of the tkill(1) utility is recommended to periodically prune any possibly hung ssh processes.
If you run checkhosts with password authentication enabled, then it will, not very surprisingly, prompt you for your password. It will do that for every ssh connection it makes. To get around this, use your favorite password injector expect script (let’s call it ‘autopw’) to invoke checkhosts. This tool specifically does not attempt to ‘cache’ your passwords for you.
The following examples illustrate common usage of this tool.
This runs the scans without checking if a host pings, reads input from the file /tmp/input and puts the output into the directory ./output/20070227 under the current working directory:
$ autopw checkhosts -P -f /tmp/input -o ./output/20070227
This runs the script ~/bin/myscript.sh on the hosts given on the commandline. Output is placed into TMPDIR (or /tmp, if that variable is not set):
$ autopw checkhosts -r ~/bin/myscript.sh host1 host2 host3 ... hostN
Assuming a headless user named ‘headless’ exists and uses the ssh key found in ~/.ssh/headless.privkey use the SSHOPTS environment variable as follows:
$ autopw env SSHOPTS="-l headless -i ~/.ssh/headkess.privkey” \ checkhosts <other options>
The checkhosts utility exits 0 on success, and >0 if an error occurs.
checkhosts will pass the value of the variable SSHOPTS on to ssh(1) after any options it passes itself. This allows the user to overwrite any options normally used by checkhosts and is particularly useful to specify the username and location of ssh keys different from the defaults.
scanhosts(1), sigsh(1), tkill(1)
The checkhosts utility was originally written by Jan Schaumann <email@example.com> in January 2007. It’s original task was to check hosts if they were able to deal with the new Daylight Saving Time instituted in the USA in 2007.
Please reports bugs or feature requests to the author.
Table of Contents