I was recently asked to create a script that should calculate the hash values of all files on remote computers. The collection must be done in parallel on all computers. My choice fell on Bash because it allows to quickly collect hashes using a combination of SSH, sshpass, find and hash (coreutils package).
The collect_hashes.sh script uses SSH to connect to remote computers with IP addresses defined in the file. You enter a hash type and you are prompted for a user name and password. The credentials are same for all machines.
The hash collection command is prefixed with sudo to execute command with root privileges. This is needed to calculate the hashes of all the files on the disk, e..g in direcotry /root. Therefore, the / etc / sudoers file should contain a configuration that allows the user to run at least all the commands needed to collect hashes.
Picture 1 - Script Syntax
The script reads IP addresses from a file and uses provided credentials to connect to remote machines. It firstly checks if all the computers are reachable. If not, the script will end. Once connectivity checking is done, the script will ask you to select whether you wish to store hashes either locally or remotely. If hashes are stored locally, a separate file is created for each IP address on your local machine and the hashes are stored into the file. The file format is hash_type-ip.txt e.g. md5-192.168.1.1.txt. You can check progress of hash collection by checking the size of the file, as more and more hashes are added to it on the fly.
If hashes are stored remotely, you must download them manually from remote computers, e.g. with scp utility.
Utility sshpass is used to mask the password on the output of the ps command.
End.