#!/bin/bash
# v0.1.3

# where we find hashes
path='/bin /etc /home /lib /lib64 /mnt /opt /root /run /sbin /tmp /usr /var'

function usage  {
 echo -e "Usage: $0 [OPTIONS]"
 echo "OPTIONS: "
 echo -e "   -f     path to a file with IP addresses of Linux hosts"
 echo -e "   -g     hash type: md5, sha1, sha256, sha512"
 echo -e "   -v     display version"
 echo -e "   -h     display help\n"
 echo -e "EXAMPLE: "
 echo "$0 -f ip.txt -h md5"
}


function version {
 echo "$0 version 0.1.3"
 echo "License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>."
 echo "This is free software: you are free to change and redistribute it."
 echo "There is NO WARRANTY, to the extent permitted by law."
 exit
 }


function read_arguments {
 while getopts "f:g:vh" arg; do
   case "$arg" in
    f) ipfile="$OPTARG";;
    g) hash_type="$OPTARG";;
    v) version;;
    h) usage
       exit;;
   esac
   done
}


function check_arguments {
 type -P sshpass &>/dev/null; ret_sshpass="$?"
 [ "$ret_sshpass" != 0 ] && echo "Utility 'sshpass' not found, exititing" && exit 1

 [ ! -f "$ipfile" ] &&  echo -e "Can't find file with list of IP addresses of Linux systems!!!\n" && usage && exit 1
 if [ -z "$hash_type" ]; then
   echo -e "Enter hash type!!!\n" && usage && exit 1
 fi
  
 if [ "$hash_type" != 'md5' -a "$hash_type" != 'sha1' -a "$hash_type" != 'sha256' -a "$hash_type" != 'sha512' ]; then
   echo -e "Hash '$hash_type' is not correct hash type!!!\n" && usage && exit 1
 fi
}


function get_ssh_credentials {
  echo -e "\nEnter SSH credentials for all machines:"
  echo "---------------------------------------"
  read -p "username: " username </dev/tty
  [ -z "$username" ] && echo -e "\nUsername can't be empty; exiting" && exit 1

  read -s -p "password: " password </dev/tty
  [ -z "$password" ] && echo -e "\n\nPassword can't be empty; exiting" && exit 1
}


function check_ssh_connection {
 # check if IP is in correct format
 echo -e "\n\nChecking SSH connection to IPs you've provided in file '$ipfile':"
 echo "----------------------------------------------------------------"
 for line in $(cat $ipfile); do
   echo "$line" | grep -qP "^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$"; ret_ip="$?"
   [ "$ret_ip" != 0 ] && echo "IP address '$line' is not a valid IP in file '$ipfile', exiting" && exit 1
  
   ip="$line"

   # check if we can connect to IP
   sshpass -p "$password" ssh -o StrictHostKeyChecking=no "$username"@"$ip" exit &>/dev/null; ret_con="$?"

   if [ "$ret_con" == 0 ]; then
     echo -e "SSH connection to '$ip' is working"
   else
     echo -e "\nCan't connect to '$ip' with username '$username' and password you've provided, exiting" && exit 1
   fi
 done
}


function make_hash {
 echo -e "\nHashes can be stored on remote machines [locally] or on this PC [remotely]:"
 echo "---------------------------------------------------------------------------"
 echo "If hashes are saved locally, they are saved in '/home/$username' on remote machines."
 echo "Collecting is faster but you must download hashes manually via scp when collection is finished."
 echo -e "\nIf hashes are saved remotely, they are downloaded automatically to this PC but collection may be slow."
 echo 
 read -p "Do you want me to save hashes remotely or locally? [locally/remotely]: " choice </dev/tty

 echo -e "\nStarting parallel collecting of '$hash_type' hashes for IPs in '$ipfile', it may take of while:"

 for ip in $(cat $ipfile); do
    if [ "$choice" == 'remotely' ]; then
      echo $password | sshpass -p "$password" ssh -o StrictHostKeyChecking=no $username@$ip "sudo -S find $path -type f ! \
        -size 0 -exec "$hash_type"sum {} \;" &> "$hash_type"-"$ip".txt &
    elif [ "$choice" == 'locally' ]; then
      echo $password | sshpass -p "$password" ssh -o StrictHostKeyChecking=no $username@$ip "sudo -S find $path -type f ! \
	-size 0 -exec "$hash_type"sum {} \; > $hash_type-$ip.txt" &
    else
      echo -e "\n'$choice' is not a valid option, exiting" && exit 1
    fi

   echo "Collecting '$hash_type' from IP '$ip'"
 done
}


############## BODY ####################


read_arguments $@
check_arguments 
get_ssh_credentials
check_ssh_connection
make_hash