#!/bin/bash
# 交互式获取IP列表
IPLIST=()
echo "请输入需要修改密码的IP地址（每行一个，输入空行结束）："
while true; do
    read -p "IP地址: " ip
    if [[ -z "$ip" ]]; then
        break
    fi
    if [[ $ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
        IPLIST+=("$ip")
    else
        echo "错误：$ip 不是有效的IP地址"
    fi
done

# 检查是否输入了IP
if [ ${#IPLIST[@]} -eq 0 ]; then
    echo "错误：未输入任何有效的IP地址！"
    exit 1
fi

# 交互式获取原始密码
while true; do
    read -s -p "请输入当前root密码: " PASS
    echo
    read -s -p "请再次确认当前root密码: " PASS2
    echo
    if [ "$PASS" = "$PASS2" ]; then
        break
    else
        echo "两次输入的密码不一致，请重新输入！"
    fi
done

# 交互式获取输出文件名
read -p "请输入密码保存文件名（默认：ip_pass.txt）: " output_file
output_file=${output_file:-ip_pass.txt}
if [ -f "$output_file" ]; then
    read -p "文件 $output_file 已存在，是否覆盖？[y/N] " overwrite
    if [[ ! $overwrite =~ ^[Yy]$ ]]; then
        echo "操作已取消"
        exit
    else
        mv -f "$output_file" "${output_file}.bak" 2>/dev/null
    fi
fi

. /etc/os-release

pre_os () {
if [[ $ID =~ ubuntu ]];then
   dpkg -l  sshpass &> /dev/null || { apt update; apt -y install sshpass; }
elif [[ $ID =~ rocky|centos|rhel ]];then
    rpm -q sshpass &>/dev/null || yum -y install sshpass
else
    echo "不支持当前操作系统"
    exit
fi
}

change_root_pass () {
for ip in "${IPLIST[@]}"; do
    pass=$(openssl rand -base64 9)
    echo "正在处理 $ip ..."
    sshpass -p "$PASS" ssh -n -o StrictHostKeyChecking=no root@$ip "echo root:$pass | chpasswd"
    if [ $? -eq 0 ]; then
        echo "$ip:root:$pass" >> "$output_file"
        echo "[成功] $ip 密码已修改"
    else
        echo "[失败] $ip 密码修改失败" >&2
    fi
done
}

pre_os
change_root_pass

echo "操作完成，新密码已保存至 $output_file"