How can I run an expect script to SSH in a server and set a value inside a bash script

Question

I have a doozy. I have a some servers I can access that have a BMC (baseboard management controller) on the server, but it is only accessible when you have already SSHd to the server on an interface (via a data path as it were). This BMC houses a mini OS, but the date on this OS is completely off, usually by a month or more, and not having access to outside network resources (unless you scp them over) it needs to be set manually as far as I can tell. I am trying to write a bash script to SSH to the server and grab the current date (which is correct), then use expect to SSH to the BMC with a known password and set the date based off of what the server had set, but it just runs the script and exits and does not change it. The even more difficult part is sometimes there are 2 expect prompts (one for do you really want to connect (yes/no), the other for the password). I dug around and they isn't an answer I found for this intricate of an issue. Also I am a bit new to expect and running it inside bash script is difficult. Could I get some help please?

I have tried using EOD inside the bash script to call a portion of expect to run, but no dice. I also tried using my current code: expect -c "spawn ssh root@address "date -s $DATE" expect { "(yes/no)"} send -- "yes\r" } "My_known_PW" } but the same result

#!/bin/bash
ssh root@$1 -oConnectTimeout=2 << "EOF"
PW="Known_PW"
DATE=$(date +"%y%m%d%H%M")
expect -c "
spawn ssh root@fe80::ff:feff:1%usb0 "date -s $DATE"
expect {
  "(yes/no)" {
    send -- "yes\r"
  }
  "$PW"
}
EOF

Expected outcome: SSH to inputted server, grabs the current date in YYMMDDHHMM format (i.e. 1908031250) and sets to variable DATE. Then SSHs to BMC and sets date from $DATE and exits. All it does is exit

Answer 1

expect is built atop tcl which is a fully functional scripting language with datetime facilities built-in. You don't need to pass a shell variable into the expect body here:

ssh $USER@$1 -qoConnectTimeout=2 << "EOF"
    $(type -P expect) << 'EOD'
        set date [clock format [clock seconds] -format "%y%m%d%H%M"]
        spawn ssh root@fe80::ff:ff80:1%usb0 -o StrictHostKeyChecking=no "date -s $date"
        expect "password:"
        send "my_password\r"
        expect eof

EOD
EOF

Answer 2

Figured it out! I basically had to use "expect eof" as it helps make sure the terminal is ready before executing a command if I understand this correctly. Code now reads:

#!/bin/bash

if [[ $(ssh root@$1 -oBatchMode=yes -oConnectTimeout=2 -oLogLevel=QUIET "exit") ]];then
  USER=root
else
  USER=siteops
fi
ssh $USER@$1 -qoConnectTimeout=2 << "EOF"
DATE=$(date +"%y%m%d%H%M")
$(type -P expect) << EOD
spawn ssh root@fe80::ff:ff80:1%usb0 -o StrictHostKeyChecking=no "date -s $DATE"
expect "password:"
  send "my_password\r"
expect eof
EOD
EOF
exit

Answer 3

There are few reasons why you might see the do you really want to connect (yes/no)

1. This machine is new and never been connected to it before
2. Machine signature has been manually removed from the whitelist(authorized_keys).
3. Previous SSH commands had strict instructions to not log the machine signature on the list of authorized machines.

Any of the above will prompt SSH to issue this warning.

You can find all the whitelisted IPs and their host signature in the ~/.ssh/authorized_keys file.

If you trust the remote machine, you can instruct SSH to consider the machine is trusted regardless of the machine signature. This can be done by adding -o StrictHostKeyChecking=no to SSH command.

ssh -o StrictHostKeyChecking=no root@fe80::ff:feff:1%usb0

You may wish to use a NTPd server for time synchronization. It looks like a long-winded way to achieve this at the moment.

If not you can also use an automation tool like SaltStack or Chef to do this more efficiently and stably.