Linux 多台主机配置 ssh 互信脚本
【摘要】
互信是指配置免密登录另一台主机,常用于自动化脚本!
以下分享个互信脚本:
DEST_USER=$1
PASSWORD=$2
HOSTS_FILE=$3
if [ $# -ne 3 ]; t...
互信是指配置免密登录另一台主机,常用于自动化脚本!
以下分享个互信脚本:
DEST_USER=$1
PASSWORD=$2
HOSTS_FILE=$3
if [ $# -ne 3 ]; then
echo "Usage:"
echo "$0 remoteUser remotePassword hostsFile"
exit 1
fi
if [ "${DEST_USER}" != "root" ]; then
cd /home/"${DEST_USER}"/ || return
fi
SSH_DIR=~/.ssh
SCRIPT_PREFIX=./tmp
echo ===========================
# 1. prepare directory .ssh
mkdir $SSH_DIR
chmod 700 $SSH_DIR
# 2. generat ssh key
TMP_SCRIPT=$SCRIPT_PREFIX.sh
{
echo "#!/usr/bin/expect"
echo "spawn ssh-keygen -b 1024 -t rsa"
echo "expect *key*"
echo "send \r"
} >>$TMP_SCRIPT
if [ -f $SSH_DIR/id_rsa ]; then
{
echo "expect *verwrite*"
echo "send y\r"
} >>$TMP_SCRIPT
fi
{
echo "expect *passphrase*"
echo "send \r"
echo "expect *again:"
echo "send \r"
echo "interact"
} >>$TMP_SCRIPT
chmod +x $TMP_SCRIPT
/usr/bin/expect $TMP_SCRIPT
rm -rf $TMP_SCRIPT
# 3. generat file authorized_keys
cat $SSH_DIR/id_rsa.pub >>$SSH_DIR/authorized_keys
# 4. chmod 600 for file authorized_keys
chmod 600 $SSH_DIR/authorized_keys
echo ===========================
# 5. copy all files to other hosts
for ip in $(<"${HOSTS_FILE}"); do
if [ "x$ip" != "x" ]; then
echo -------------------------
TMP_SCRIPT=${SCRIPT_PREFIX}.$ip.sh
# check known_hosts
val=$(ssh-keygen -F "${ip}")
if [ "x$val" == "x" ]; then
echo "$ip not in $SSH_DIR/known_hosts, need to add"
val=$(ssh-keyscan "${ip}" 2>/dev/null)
if [ "x$val" == "x" ]; then
echo "ssh-keyscan $ip failed!"
else
echo "${val}" >>$SSH_DIR/known_hosts
fi
fi
echo "copy $SSH_DIR to $ip"
{
echo "#!/usr/bin/expect"
echo "spawn scp -r $SSH_DIR $DEST_USER@$ip:~/"
echo "expect *assword*"
echo "send $PASSWORD\r"
echo "interact"
} >"$TMP_SCRIPT"
chmod +x "$TMP_SCRIPT"
/usr/bin/expect "$TMP_SCRIPT"
rm -rf "$TMP_SCRIPT"
echo "copy done."
fi
done
# 6. date ssh
for ip in $(<"$HOSTS_FILE"); do
if [ "x$ip" != "x" ]; then
{
echo "#!/usr/bin/expect"
echo "spawn ssh $DEST_USER@$ip date"
echo "expect *yes*"
echo "send yes\r"
echo "interact"
} >"$TMP_SCRIPT"
chmod +x "$TMP_SCRIPT"
/usr/bin/expect "$TMP_SCRIPT"
rm -rf "$TMP_SCRIPT"
echo "copy done."
fi
done
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- 91
- 92
- 93
- 94
- 95
- 96
- 97
- 98
- 99
- 100
- 101
- 102
- 103
创建一个脚本 sshtrust.sh,将以上内容写入脚本!
支持多台主机进行互信,创建一个 sshhostList.cfg 文件,将需要配置互信的主机IP写入:
10.211.55.100
10.211.55.101
10.211.55.102
- 1
- 2
- 3
执行如下命令互信:
sh sshtrust.sh 互信用户 互信用户密码 sshhostList.cfg
- 1
执行完成后,即配置互信成功!
本次分享到此结束啦~
如果觉得文章对你有帮助,点赞、收藏、关注、评论,一键四连支持,你的支持就是我创作最大的动力。
❤️ 技术交流可以 关注公众号:Lucifer三思而后行 ❤️
文章来源: luciferliu.blog.csdn.net,作者:Lucifer三思而后行,版权归原作者所有,如需转载,请联系作者。
原文链接:luciferliu.blog.csdn.net/article/details/120319698
【版权声明】本文为华为云社区用户转载文章,如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱:
cloudbbs@huaweicloud.com
- 点赞
- 收藏
- 关注作者
评论(0)