We got many keys for some wifi APs around, so we put them in a delimited text file like:

ap8599:5537801570
sd6980:5202140314
wq0858:5953230520

now, when we are around, we want a script that we can tell: "connect to ap6980 if you see it around, if you need a key, take it from the text file, if you dont' have a key for it, try to connect without one".

This is our connection script:

#!/bin/bash

ap=$@
i=wlan0

#------------------------------------------------------------------------------------------------------------------
#  Scan for wireless networks, and pretty print the quality, the essid, and if we require encryption
#-----------------------------------------------------------------------------------------------------------------
scanw () {
i=$1
        echo "#---- scanning on $i"
(       ifconfig $i up
        iwlist $i scan | egrep -i 'essid|freq|qual|encr' |nawk 'ORS=NR%4?" ":"\n"'| tr -s ' '| while read l;do
                AP=`echo "$l "|awk '{s=substr($0,index($0,"ESSID:")+7);print substr(s,1,index(s,"\"")-1)}'`
                EN=`echo "$l "|awk '{s=substr($0,index($0,"Encryption key:")+15);print substr(s,1,index(s," ")-1)}'`
                QU=`echo "$l "|awk '{s=substr($0,index($0,"Quality=")+8);print substr(s,1,index(s,"/")-1)}'`
                echo "$QU:$EN:$AP"
        done
) | sort -n
}


ifconfig -a | egrep -i 'mon|wlan' | awk '{ print $1 }' |while read i;do airmon-ng stop $i; done > /dev/null 2>&1
ifconfig $i down
ifconfig $i up
#--- extract the fist occurrence of the accesspoint in our database
L=`grep -i "$ap" ~/keys.txt| head -1`
C=`echo -n $L | wc -c`
auth=1
if [ $C -lt 1 ];then
        echo "------------- AP $ap not found in database, will try to connect without auth"
        auth=0
fi
scanw $i > /tmp/scan.$$
cat /tmp/scan.$$
S=`grep $ap /tmp/scan.$$|wc -c`
rm /tmp/scan.$$
if [ $S -lt 1 ];then
        echo "------------- AP $ap is not in range, cannot connect"
        exit 1
fi
if [ $auth -eq 1 ];then
        #---if we found an accesspoint in our database work with it
        AP=`echo $L | awk -F':' '{ print $1 }'`
        K=`echo $L | awk -F':' '{ print $2 }'`
        echo "------------- Connecting to $AP with key $K"
        iwconfig $i mode managed key $K essid "$AP" rate auto
else
        AP=$ap
        echo "------------- Connecting to $AP without key"
        iwconfig $i mode managed key off essid "$AP" rate auto
fi
x=0
while [ $x -lt 6 ];do
        A=`iwconfig $i | grep -i 'Not-Associated'|wc -c`
        if [ ${A} -eq 0 ];then
                echo "------------- Associated to $AP !!!"
                dhclient -q -r $i
                dhclient $i
                exit 0
        else
                echo "------------- Not Associated yet to $AP, $x"
        fi
        sleep 1
        x=`echo "$x + 1" | bc`
done

so, iwlist throws its output in different order depending of the wifi nic, so we need to scan and parse, to see 3 columns: 

signal strength: encryption needed: ESSID
27:on:CASA
27:on:AP1133
30:on:CC5763
32:on:XX1330
36:off:gg54g

So, we wrote a script called "scan" that loops to all wlan interfaces and scans for APs.

#!/bin/bash

ifconfig -a  |grep -i wlan | awk '{ print $1 }'|while read i;do
        echo "#---- scanning on $i"
(       ifconfig $i up
        iwlist $i scan | egrep -i 'essid|freq|qual|encr' |nawk 'ORS=NR%4?" ":"\n"'| tr -s ' '| while read l;do
                AP=`echo "$l "|awk '{s=substr($0,index($0,"ESSID:")+7);print substr(s,1,index(s,"\"")-1)}'`
                EN=`echo "$l "|awk '{s=substr($0,index($0,"Encryption key:")+15);print substr(s,1,index(s," ")-1)}'`
                QU=`echo "$l "|awk '{s=substr($0,index($0,"Quality=")+8);print substr(s,1,index(s,"/")-1)}'`
                echo "$QU:$EN:$AP"
        done
) | sort -n
done

if you run airoscript too much you'll be left with mon0, mon1, mon2... etc

To remove them all you can do:

ifconfig -a | grep -i mon | awk '{ print $1 }' | while read i;do airmon-ng stop $i;done

If we check this "passwd -sa" output:

bash-3.00# passwd -sa | egrep 'rdircio|root'
root      PS
rdircio   PS    12/21/09    14    56    14

It means that root's password never expires since it doesn't have any expiry rule. rdircio's password was last changed 12/21/09, the system won't let me change it but 14 days after 12/21/09, it will expire and need be changed 56 days after 12/21/09, i will be warned 14 days before it expires that i need to change it

If you don't have direct access from your PC to the cluster server, but another unix jumphost has, you can do the same as for the dracs and the ilos.

The connectivity is

PC-jumphost-clusternode

in your PC you can do a:

ssh -g jumphost -L 14141:clusternode:14141 -L 14150:clusternode:14150

Then, open the "Veritas Cluster Manager" software in your PC, and point it to "localhost", and you'll be managing the remote cluster :)

For Veritas Enterprise Administrator (vea), we only need to forward one port:

ssh -g jumphost -L 2148:veanode:2148