clock_skew.sh

#!/usr/bin/env bash
# clock_skew.sh - Check remote hosts for clock skew (time drift), and
# output a warning or alert message based on defined thresholds.
#
# Instructions:
# Create a hosts.txt file that contains the list of hosts to be checked.
#
# hosts.txt should contain one host entry per line, and username and
# port fields are optional. Format:
#
# <username>@<host or IP address>:<port>
#
# Note: this is a proof-of-concept script so prompting for a single
# password to access all the hosts in your host.txt file may not be
# feasible. Consider modifying the script to handle prompting for multiple
# passwords, or use ssh keys.
#
# Set threshold variables below to your tolerance level.
#

# Thresholds
WARN=10
ALERT=20

# prompt for ssh password.
read -s -p "Enter password:" password
echo
export SSHPASS=$password

count=0

# loop through hosts.txt file entries.
for host in `cat hosts.txt`;
do
	IFS=':' read -a host_config <<< "${host}"

	h=${host_config[0]}

	if [ ! -z ${host_config[1]} ];
	then
		p=${host_config[1]}
	else
		p=22
	fi

	# get local and remote date/time.
	local_time=`date`
	remote_time=`sshpass -e ssh -p ${p} ${h} date`

	# convert the date/time to seconds from the Epoch.
	local_sec=`date --date="${local_time}" +%s`
	remote_sec=`date --date="${remote_time}" +%s`

	# calculate the time skew.
	skew=`expr ${remote_sec} - ${local_sec}`

	# output messages if thresholds are met.
	if [ $skew -ge $ALERT ];
	then
		echo "ALERT: Clock skew on ${h} is ${skew}."
		((count++))
	elif [ $skew -ge $WARN ];
	then
		echo "WARNING: Clock skew on ${h} is ${skew}."
		((count++))
	fi
done

if [ $count -eq 0 ];
then
	echo "Everything is running on time!"
fi

# clear password variable
export SSHPASS=''

Suggested modification : You should flush the stored password when the script completes or there is a break in execution.

Great point! Added a line to clear when complete. Handling a break in execution will be a todo for now.

Great thread with additional options on Reddit /r/sysadmin.