ssh-list
is a small wrapper around parallel-ssh
which reads lists of hosts
from LDAP.
The usage of ssh-list
looks like:
ssh-list <TYPE> [arguments to parallel-ssh]
The argument <TYPE>
is interpreted by ssh-list
, and the arguments after are
passed verbatim to parallel-ssh
.
In most cases, you want at least -i
in the arguments to parallel-ssh. -i
prints out the stdout and stderr for each host you are running the command on.
For example:
ssh-list all -i whoami
In most cases, it's most useful to use a type like desktop
rather than all
.
If you get a ton of authentication errors, don't provide your password, just do
kinit $USER
first (your Kerberos ticket probably expired, or you probably
logged in with an SSH key).
Some useful commands are below (please add more!):
Anyone in ocfroot
can call sudo puppet-trigger
without providing a
password.
ssh-list desktop -i 'sudo puppet-trigger'
Anyone in ocfroot
can call sudo shutdown
without providing a password.
ssh-list desktop -i '[ $(who | wc -l) -eq 0 ] && sudo shutdown -r now'
apt-get update
to clear apt caches ocfroot
can't run passwordless apt-get
, so you need to use the apt-dater
keytab.
From supernova:
sudo kinit -k -t /root/apt-dater.keytab 'apt-dater@OCF.BERKELEY.EDU' \
ssh-list desktop -l apt-dater -i 'sudo apt-get update'