initial commit

.gitignore

+reated by https://www.gitignore.io/api/macos,windows,sublimetext,visualstudiocode
+
+### macOS ###
+*.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### SublimeText ###
+# cache files for sublime text
+*.tmlanguage.cache
+*.tmPreferences.cache
+*.stTheme.cache
+
+# workspace files are user-specific
+*.sublime-workspace
+
+# project files should be checked into the repository, unless a significant
+# proportion of contributors will probably not be using SublimeText
+# *.sublime-project
+
+# sftp configuration file
+sftp-config.json
+
+# Package control specific files
+Package Control.last-run
+Package Control.ca-list
+Package Control.ca-bundle
+Package Control.system-ca-bundle
+Package Control.cache/
+Package Control.ca-certs/
+Package Control.merged-ca-bundle
+Package Control.user-ca-bundle
+oscrypto-ca-bundle.crt
+bh_unicode_properties.cache
+
+# Sublime-github package stores a github token in this file
+# https://packagecontrol.io/packages/sublime-github
+GitHub.sublime-settings
+
+### VisualStudioCode ###
+.vscode/*
+!.vscode/settings.json
+!.vscode/tasks.json
+!.vscode/launch.json
+!.vscode/extensions.json
+.history
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+ehthumbs.db
+ehthumbs_vista.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# End of https://www.gitignore.io/api/macos,windows,sublimetext,visualstudiocode
+
+config

README.md

+# 堡垒机自动登录
+
+## 登录信息配置
+
+把 `config.sample` 改名 `config`，设置堡垒机参数，`用户名`、`密码`、`主机 IP` 和 `Key`。 `Key` 需要让运维帮忙设置，登录时重新绑定，复制下来不要完成绑定。
+
+## 设置环境变量
+
+修改 `.bash_profile` 或者 `.zshrc`，
+
+```
+export AUTO_LOGIN_HOME=~/auto_login/
+export PATH="$PATH:$AUTO_LOGIN_HOME"
+```
+
+注意把 `AUTO_LOGIN_HOME` 的目录设置成自己的目录
+
+## TODO
+
+* 多窗口同时登录
+* 支持直接输入 IP
\ No newline at end of file

alogin

+#!/usr/bin/env bash
+. config
+
+if [ -n "$AUTO_LOGIN_HOME" ] ; then
+	token=$(python "$AUTO_LOGIN_HOME/onetimepass.py")
+else
+	echo "AUTO_LOGIN_HOME not config"
+	token=$(python onetimepass.py)
+fi	
+expectlogin.sh ${username} ${password} ${host} ${token} 
\ No newline at end of file

config.sample

+username=name
+password=password
+host=fort-qz.quantgroups.com
+secret=XXXXXXX
\ No newline at end of file

expectlogin.sh

+#!/usr/bin/expect
+
+set username [lindex $argv 0]
+set password [lindex $argv 1]
+set host [lindex $argv 2]
+set otp [lindex $argv 3]
+
+set timeout 10
+spawn ssh "${username}@${host}"
+
+expect {
+        "Password"
+        {send "$password $otp\n";exp_continue}
+        "Select group"
+        {send 0\n0\n;exp_continue}
+}
+interact
\ No newline at end of file

onetimepass.py

+# reference https://github.com/tadeck/onetimepass
+
+import base64
+import hashlib
+import hmac
+import six
+import struct
+import time
+import os
+# from configobj import ConfigObj
+
+def get_hotp(
+        secret,
+        intervals_no,
+        as_string=False,
+        casefold=True,
+        digest_method=hashlib.sha1,
+        token_length=6,
+):
+    """
+    Get HMAC-based one-time password on the basis of given secret and
+    interval number.
+    :param secret: the base32-encoded string acting as secret key
+    :type secret: str or unicode
+    :param intervals_no: interval number used for getting different tokens, it
+        is incremented with each use
+    :type intervals_no: int
+    :param as_string: True if result should be padded string, False otherwise
+    :type as_string: bool
+    :param casefold: True (default), if should accept also lowercase alphabet
+    :type casefold: bool
+    :param digest_method: method of generating digest (hashlib.sha1 by default)
+    :type digest_method: callable
+    :param token_length: length of the token (6 by default)
+    :type token_length: int
+    :return: generated HOTP token
+    :rtype: int or str
+    >>> get_hotp(b'MFRGGZDFMZTWQ2LK', intervals_no=1)
+    765705
+    >>> get_hotp(b'MFRGGZDFMZTWQ2LK', intervals_no=2)
+    816065
+    >>> result = get_hotp(b'MFRGGZDFMZTWQ2LK', intervals_no=2, as_string=True)
+    >>> result == b'816065'
+    True
+    """
+    if isinstance(secret, six.string_types):
+        # It is unicode, convert it to bytes
+        secret = secret.encode('utf-8')
+    # Get rid of all the spacing:
+    secret = secret.replace(b' ', b'')
+    try:
+        key = base64.b32decode(secret, casefold=casefold)
+    except (TypeError):
+        raise TypeError('Incorrect secret')
+    msg = struct.pack('>Q', intervals_no)
+    hmac_digest = hmac.new(key, msg, digest_method).digest()
+    ob = hmac_digest[19] if six.PY3 else ord(hmac_digest[19])
+    o = ob & 15
+    token_base = struct.unpack('>I', hmac_digest[o:o + 4])[0] & 0x7fffffff
+    token = token_base % (10 ** token_length)
+    if as_string:
+        # TODO: should as_string=True return unicode, not bytes?
+        return six.b('{{:0{}d}}'.format(token_length).format(token))
+    else:
+        return token
+
+
+def get_totp(
+        secret,
+        as_string=False,
+        digest_method=hashlib.sha1,
+        token_length=6,
+        interval_length=30,
+        clock=None,
+):
+    """Get time-based one-time password on the basis of given secret and time.
+    :param secret: the base32-encoded string acting as secret key
+    :type secret: str
+    :param as_string: True if result should be padded string, False otherwise
+    :type as_string: bool
+    :param digest_method: method of generating digest (hashlib.sha1 by default)
+    :type digest_method: callable
+    :param token_length: length of the token (6 by default)
+    :type token_length: int
+    :param interval_length: length of TOTP interval (30 seconds by default)
+    :type interval_length: int
+    :param clock: time in epoch seconds to generate totp for, default is now
+    :type clock: int
+    :return: generated TOTP token
+    :rtype: int or str
+    >>> get_hotp(b'MFRGGZDFMZTWQ2LK', int(time.time())//30) == \
+        get_totp(b'MFRGGZDFMZTWQ2LK')
+    True
+    >>> get_hotp(b'MFRGGZDFMZTWQ2LK', int(time.time())//30) == \
+        get_totp(b'MFRGGZDFMZTWQ2LK', as_string=True)
+    False
+    """
+    if clock is None:
+        clock = time.time()
+    interv_no = int(clock) // interval_length
+    return get_hotp(
+        secret,
+        intervals_no=interv_no,
+        as_string=as_string,
+        digest_method=digest_method,
+        token_length=token_length,
+    )
+
+def parse_config(name):
+    file_name = gen_file_path(name)
+    myvars = {}
+    with open(file_name) as config_file:
+        for line in config_file:
+            name, var = line.partition("=")[::2]
+            value = var.strip()
+            value = var.strip("\"")
+            value = value.strip("\'")
+            myvars[name.strip()] = value
+    return myvars
+
+def gen_file_path(name):
+    dir_path = os.path.dirname(os.path.realpath(__file__))
+    return os.path.join(dir_path, name)
+
+def main():  
+
+    config = parse_config('config')
+    my_secret = config['secret']
+    my_token = get_totp(my_secret)
+    print my_token
+main()     
\ No newline at end of file