Remote execution over the SSH
As an system administrator, you will often find yourself at the point where you need to execute commands or a local script on remote server/servers.
The first thing that might come to a mind is to manually connect to a remote server and type commands or copy a script. This might be fine if you have only one remote server, but what if you have 50?
The solutions is to utilize SSH connection. Yea, the same one what you would normally do when connecting to the remote server.
ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine. If a command is specified, it is executed on the remote host instead of a login shell.
Tip:
Generate authentication keys to enable connection without a password prompt.
You still need a password when using sudo or with if using a file only options are to setup passwordless sudo, hardcode password in the script or echo a password in plain text which are not good practices.
SSH syntax allows to define commands executed in the remote server.
There are few ways to do this: give commands in a command field or pass the script content over the stdin.
The basic syntax: ssh USERNAME@HOST 'command'
#Run a command
ssh USER@HOST "command"
#Run multiple commands
ssh USER@HOST "command1 && command2" #Note that logical operators can be used!
ssh USER@HOST "command1 || command2"
ssh USER@HOST "command1 ; command2"
#Run a command with sudo privileges
ssh -t USER@HOST "sudo command"
#Without -t option, command gives an error, because sudo password should be asked somehow
#Option -t (force pseudo-terminal) can be used to execute arbitrary screen-based programs on a remote machine
# Note that the following sections combined with sudo commands require passwordless sudo configurations in server side
#Run a script
ssh USER@HOST "bash -s" < script.sh #Note that filename can be named as anything (asd.txt), < just directs file content
#Option -s makes bash to read from stdin where the script content is directed
#Run a script with commandline arguments
ssh USER@HOST "bash -s" < script.sh arg1
Here Document
The Here Document (HereDoc) is a block of code/text that is redirected/passed to the command or interactive program.
Syntax:
COMMAND <<EOF
firstline
secondline
EOF
COMMAND can be any command that accepts redirection (cat, wc, ssh etc). << redirection operator, directs the content of the block to the command.
Delimiter token (EOF in the example) describes the start and the end of the document. Delimiter token name can be anything but of course names must match at start and the end. Note that delimited token must be unique, meaning that it cannot appear in the content!
It's possible to use tabs as a identation in HereDoc block, but remember to add a dash (-) between redirection operator and token to suppress them. Note that spaces are not suppressed!
VAR1="Hi!"
cat <<-EOF
${VAR1} #variable reference
My name is $(whoami) #command substitution
EOF
#output
#Hi!
#My name is user
What this mean with ssh execution? You can describe a part of your code that is executed on the remote server, not the whole script!
echo "im on my local shell!"
ssh USER@HOST "bash -s" <<-EOF
#the following commands are executed on the remote server
echo "im on the remote shell!"
echo "remoteuser is \$(whoami)"
EOF
# Note! Use escape charater (\) in front of variable or command substitution in remote machine!
# Without escape char, local values are used!
echo "back on the local shell!"