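#!/usr/bin/perl
# openssl_version_checker.pl
#
# Reads a list of hosts from an input file, logs in to each one over SSH
# (password authentication through Net::SSH::Expect), runs "openssl version"
# and appends "host,version" rows to an output file.  Hosts that could not be
# checked are optionally retried with a second set of credentials, and the
# hosts that still fail are listed at the end of the output file.
#
# Usage: openssl_version_checker.pl [input_file [output_file]]
# Input file: one host per line; blank lines and lines starting with '#'
# are ignored.

use strict;
use warnings;
use Net::SSH::Expect;

# flush buffer to output so all is not lost if
# you need to cancel script before it finishes
$| = 1;

# SECURITY NOTE: these credentials are stored in clear text in the script.
# Anyone who can read this file (or a backup / repository copy of it) obtains
# them, and password authentication hands the password to whichever host
# answers the connection.  Prefer key-based authentication with host-key
# verification enabled in the ssh client, or read the password at run time
# instead of storing it here.  At minimum keep this file readable by its
# owner only.
my $user = "user_one";
my $pwd  = "password_one";

# use these if you want a second try at logging into your servers
# otherwise leave them undefined:
# my $alt_user;
# my $alt_pwd;
# (The original declared $alt_password but tested $alt_pwd, which does not
# compile under "use strict"; a single name is used here.)
my $alt_user = "user_one";
my $alt_pwd  = "password_two";

# values are 1 for verbose, or 0 for silent
# To make it Silent and not even ask, set $VERBOSE to '-2'
my $VERBOSE = '1';

if ((not defined $VERBOSE) || ($VERBOSE > -1)) {
    print "Output should be VERBOSE or SILENT ? ( V or s ) : ";
    my $answer = <STDIN>;
    $answer = '' if not defined $answer;    # EOF on STDIN
    chomp $answer;

    # An empty answer selects the capitalised default (verbose).
    if (($answer !~ /\S/) || ($answer =~ /^\s*v/i)) {
        $VERBOSE = 1;
    }
    elsif ($answer =~ /^\s*s/i) {
        $VERBOSE = 0;
    }
    else {
        print "Answer not understood. Quitting\n";
        exit(0);
    }
}
else {
    # A negative value means "silent, do not ask".  It must be normalised to
    # 0 because every later test is a plain truth test and -2 is true.
    $VERBOSE = 0;
}

my @failed_login_hosts;
my @failed_login_hosts2;

my $infile  = $ARGV[0] || get_filename("Input");
my $outfile = $ARGV[1] || get_filename("Output");
chomp $infile;
chomp $outfile;

# Three-argument open with lexical handles: the mode can no longer be
# influenced by characters in the file name (e.g. a leading '>' or a
# trailing '|').
open(my $in_fh, '<', $infile)
    or die "Unable to open $infile " . $! . "\n";
open(my $out_fh, '>>', $outfile)
    or die "Unable to open $outfile " . $! . "\n";

HOST:
while (my $line = <$in_fh>) {
    chomp $line;

    # ignore lines that begin with comment character
    next HOST if ($line =~ /^\s*#/);
    # ignore empty lines
    next HOST if ($line !~ /\w/);

    # take the first whitespace-delimited token as the host
    my ($hozt) = $line =~ /^\s*(\S+)/;

    # The host string is handed on to the ssh client by Net::SSH::Expect.
    # Accept only characters that occur in host names and IP addresses so a
    # malformed inventory line cannot be read as an ssh option or as shell
    # syntax.
    if ($hozt !~ /\A[A-Za-z0-9_][A-Za-z0-9_.:-]*\z/) {
        warn "Skipping invalid host entry on line $. of $infile\n";
        next HOST;
    }

    my $ssh = Net::SSH::Expect->new(
        host     => $hozt,
        password => $pwd,
        user     => $user,
        raw_pty  => 1,
        timeout  => 18,
    );

    print "Working on $hozt\n" if ($VERBOSE);

    my $login_output;

    # the eval block prevents premature script termination due to
    # connection timeout.  The trailing 1 makes the eval result depend only
    # on whether login() died, not on the text it returned.
    my $login_ok = eval { $login_output = $ssh->login(7); 1 };
    if (not $login_ok) {
        my $error_code = csv_field($@);
        print "$hozt login FAILED!\n" if ($VERBOSE);
        # preserve line sequence in output file
        print {$out_fh} "$hozt,login FAILED,$error_code\n";
        push(@failed_login_hosts, $hozt);
        close_quietly($ssh);
        next HOST;
    }
    $login_output = '' if not defined $login_output;

    # a shell prompt character in the login output is taken as success
    if (($login_output =~ />/) || ($login_output =~ /\$/) || ($login_output =~ /#/)) {
        print "$login_output\n" if ($VERBOSE);
    }
    else {
        push(@failed_login_hosts, $hozt);
        # preserve line sequence in output file
        print {$out_fh} "$hozt,login FAILED!\n";
        print "$hozt login FAILED!\n" if ($VERBOSE);
        close_quietly($ssh);
        next HOST;
    }

    # disable terminal translations and echo on the SSH server
    # executing on the server the stty command:
    $ssh->exec("stty raw -echo");

    my $op_version = get_openssl_version_exec($ssh);

    if ($op_version =~ /openssl/i) {
        # the version text comes from the remote host: keep it to one field
        $op_version = csv_field($op_version);
        print "$hozt $op_version\n" if ($VERBOSE);
        print {$out_fh} "$hozt,$op_version\n";
    }
    else {
        # login worked but no OpenSSL version was returned; queue for retry
        push(@failed_login_hosts, $hozt);
    }

    $ssh->close();
}
close($in_fh);

if ((defined $alt_pwd) && (defined $alt_user) && (@failed_login_hosts)) {
    print "\nBeginning second try at logging in:\n\n" if ($VERBOSE);

    RETRY:
    foreach my $hozt (@failed_login_hosts) {
        my $ssh = Net::SSH::Expect->new(
            host     => $hozt,
            password => $alt_pwd,
            user     => $alt_user,
            raw_pty  => 1,
            timeout  => 18,
        );

        print "Working on $hozt\n" if ($VERBOSE);

        my $login_output;

        # the eval block prevents premature script termination due to
        # connection timeout
        my $login_ok = eval { $login_output = $ssh->login(7); 1 };
        if (not $login_ok) {
            my $error_code = csv_field($@);
            print "$hozt login FAILED!\n" if ($VERBOSE);
            print {$out_fh} "$hozt,login FAILED!,$error_code\n";
            push(@failed_login_hosts2, $hozt);
            close_quietly($ssh);
            next RETRY;
        }
        $login_output = '' if not defined $login_output;

        if (($login_output =~ />/) || ($login_output =~ /\$/) || ($login_output =~ /#/)) {
            print "$login_output\n" if ($VERBOSE);
        }
        else {
            push(@failed_login_hosts2, $hozt);
            print "$hozt login FAILED!\n" if ($VERBOSE);
            print {$out_fh} "$hozt,login FAILED!\n";
            close_quietly($ssh);
            next RETRY;
        }

        # disable terminal translations and echo on the SSH server
        # executing on the server the stty command:
        $ssh->exec("stty raw -echo");

        # NOTE(review): the retry pass uses the send/read_line variant while
        # the first pass uses the exec variant; kept as in the original.
        my $op_version = get_openssl_version($ssh);

        if ($op_version =~ /openssl/i) {
            $op_version = csv_field($op_version);
            print "$hozt $op_version\n" if ($VERBOSE);
            print {$out_fh} "$hozt,$op_version\n";
        }
        else {
            push(@failed_login_hosts2, $hozt);
        }

        $ssh->close();
    }
    @failed_login_hosts = @failed_login_hosts2;
}

# Final summary rows.  This list also holds hosts where the login worked but
# no OpenSSL version string came back; the label is kept as in the original.
foreach my $hozt (@failed_login_hosts) {
    print {$out_fh} "$hozt,FAILED TO LOGIN\n";
}

# buffered write errors only surface at close time
close($out_fh) or die "Unable to close $outfile " . $! . "\n";

print "Results are in file $outfile\n";
print "Done.\n";
exit(0);

# Prompt on STDOUT for a file name and return the line read from STDIN
# (newline included; the caller chomps it).  Returns '' at end of input.
sub get_filename {
    my $filetype = shift;
    print "$filetype filename? ";
    my $filename = <STDIN>;
    $filename = '' if not defined $filename;
    return $filename;
}

# Reduce a value to a single CSV field: line breaks become spaces, commas
# become semicolons, surrounding whitespace is trimmed.  Used for text that
# originates outside this script (die messages, remote command output) so it
# cannot add rows or columns to the output file.
sub csv_field {
    my $text = shift;
    return '' if not defined $text;
    $text =~ s/[\r\n]+/ /g;
    $text =~ s/,/;/g;
    $text =~ s/^\s+//;
    $text =~ s/\s+$//;
    return $text;
}

# Close an SSH object on a failure path without letting an error from
# close() end the run; avoids leaving one ssh child process per failed host.
sub close_quietly {
    my $ssh = shift;
    eval { $ssh->close(); 1 } or do { };
    return;
}

# Send "openssl version" on an open session and look for the answer in the
# next two lines read back.  Returns the text from "OpenSSL" to the end of
# that line, or '' when neither line mentions OpenSSL.
sub get_openssl_version {
    my $ssh = shift;
    my $openssl_version = '';

    $ssh->send("openssl version");
    my $line_one = $ssh->read_line();
    my $line_two = $ssh->read_line();
    $line_one = '' if not defined $line_one;
    $line_two = '' if not defined $line_two;

    if ($line_one =~ /OpenSSL/i) {
        $openssl_version = $line_one;
    }
    elsif ($line_two =~ /OpenSSL/i) {
        $openssl_version = $line_two;
    }

    if ($openssl_version =~ /openssl/i) {
        # drop everything before the product name and after the first line
        $openssl_version =~ s/^.*openssl/OpenSSL/si;
        $openssl_version =~ s/\n.*$//si;
    }
    return $openssl_version;
}

# Run "openssl version" through exec() with a 3 second timeout and return
# the text from "OpenSSL" to the end of that line, or the raw output ('' if
# none) when it does not mention OpenSSL.
sub get_openssl_version_exec {
    my $ssh = shift;

    my $openssl_version = $ssh->exec("openssl version", 3);
    $openssl_version = '' if not defined $openssl_version;

    if ($openssl_version =~ /openssl/i) {
        $openssl_version =~ s/^.*openssl/OpenSSL/si;
        $openssl_version =~ s/\n.*$//si;
    }
    return $openssl_version;
}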