安装oath-toolkit
$ brew install oath-toolkit
获取MFA SECRET
git clone https://github.com/scito/extract_otp_secret_keys.git --depth=1pip3 install protobufpip3 install qrcode[pil]- 打开app -> 转移账号 -> 导出账号 -> 选择账号 -> 识别二维码 保存到a.txt
python3 extract_otp_secret_keys.py -p a.txt 获取secret
配置环境变量
SSH_TERMINAL_PORT='5678'
SSH_TERMINAL_USER='root'
SSH_TERMINAL_IP='192.168.50.50'
MFA_SECRET=***************
MY_PASSWORD=*****************
export SSH_TERMINAL_PORT
export SSH_TERMINAL_USER
export SSH_TERMINAL_IP
export MY_PASSWORD
export MFA_SECRET
alias mfa='oathtool --totp -b ${MFA_SECRET}'
expect 脚本
#!/usr/bin/expect
spawn ssh -p $env(SSH_TERMINAL_PORT) $env(SSH_TERMINAL_USER)@$env(SSH_TERMINAL_IP)
expect "*password*" {send "$env(MY_PASSWORD)\r"}
expect "*auth*" {
set code [exec oathtool --totp -b $env(MFA_SECRET) ]
send "$code\r"}
# expect "*Opt*" {send "p\r"}
interact
expect 脚本 根据参数,跳转不同ip /usr/local/bin/test dev
#!/usr/bin/expect
set serverName [lindex $argv 0]
# puts "serverName: $serverName"
set ip ""
if {$serverName == "pre"} {
set ip 192.168.0.1
} elseif {$serverName == "test"} {
set ip 192.168.0.2
} elseif {$serverName == "dev"} {
set ip 192.168.0.3
}
spawn ssh -p $env(SSH_TERMINAL_PORT) $env(SSH_TERMINAL_USER)@$env(SSH_TERMINAL_IP)
expect "*password*" {send "$env(MY_PASSWORD)\r"}
expect "*auth*" {
set code [exec oathtool --totp -b $env(MFA_SECRET) ]
send "$code\r"}
expect "*Opt*" {send "p\r"}
if {$ip != ""} {
expect "*Host*" {send "$ip\r"}
}
interact
expect api man expect
spawn 交互程序开始后面跟命令或者指定程序expect 获取匹配信息匹配成功则执行expect后面的程序动作send exp_send 用于发送指定的字符串信息exp_continue 在expect中多次匹配就需要用到exit 退出expect脚本eof expect执行结束 退出set 定义变量puts 输出变量 相当于shell中的echoset timeout 设置超时时间sleep seconds 睡眠时长if {true} {} elseif {true} {} else {}lindex $argv 0 脚本第一个参数lrange $argv 1 end