
Multi-host SSH key configuration

2013-12-03 00:00

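Preface

When you manage many hosts on an internal network, you usually need to set up SSH key trust between them. The keys have to be configured pairwise between hosts, and as the number of hosts grows the work becomes tedious.

Hence the configuration script below: deploy it on one host, run a single command, and SSH key trust is established between all of the hosts.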

@Author duangr

@Website http://my.oschina.net/duangr/blog/181205

1. Environment

Host Name   OS                 IP
duangr-1    CentOS 64 x86_64   192.168.56.10
duangr-2    CentOS 64 x86_64   192.168.56.11
duangr-3    CentOS 64 x86_64   192.168.56.12

2. Deployment plan

Login user              hadoop
User password           yourpasswd
Install path            /export/home/tools/
Host running the tool   192.168.56.10
Other remote hosts      192.168.56.11,192.168.56.12

3. Getting the code

ssh-key-generate2.tar.gz

4. Prerequisites

The host running the tool needs expect installed.

Check whether expect is already installed on the host:

[root@duangr-1 ~]# rpm -qa |grep -i expect
expect-5.44.1.15-4.el6.x86_64


If it is not installed, download expect-5.44.1.15-4.el6.x86_64:

[root@duangr-1 ~]# rpm -ivh expect-5.44.1.15-4.el6.x86_64.rpm

This article covers 64-bit CentOS 6.4 only; if your version differs, search online: http://rpm.pbone.net

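5. Installing the tool package

Log in to host 192.168.56.10 as the user whose SSH keys need to be set up (for example, hadoop).

Upload the tool package and extract it: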

tar -zxf ssh-key-generate2.tar.gz -C /export/home/tools/
cd /export/home/tools/ssh-key-generate2
dos2unix *
chmod 751 *.sh


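6. Configuring keys

6.1 Edit the configuration

config.ini stores the login password in clear text, and the run in 6.2 echoes it in the "Using PASSWD" log line, so keep the file readable only by its owner and clear the value once the keys are in place.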

[hadoop@duangr-1 ssh-key-generate2]$  vi config.ini
########################
#        config        #
########################
# local address
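LOCAL_ADDR=192.168.56.10                    ## local host address
# use "," to split mult addrs
REMOTE_ADDR=192.168.56.11,192.168.56.12     ## remote host addresses
# passwd
PASSWD=yourpasswd                           ## password of the current login user; currently only the case where all hosts share the same password is supported
# skip detect
SKIP_DETECT=true                            ## whether to skip the detect step. That step, run after key trust is set up, logs in over ssh from each host to every other host in turn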


6.2 Set up the keys

[hadoop@duangr-1 ssh-key-generate2]$ ./ssh-key-generate.sh
[2013-10-24 23:35:28] [INFO ] Using BIN_HOME:            /export/home/tools/ssh-key-generate2
[2013-10-24 23:35:28] [INFO ] Using LOCAL_ADDR:          192.168.56.10
[2013-10-24 23:35:28] [INFO ] Using REMOTE_ADDR:         192.168.56.11,192.168.56.12
[2013-10-24 23:35:28] [INFO ] Using USER:                hadoop
[2013-10-24 23:35:28] [INFO ] Using PASSWD:              yourpasswd
[2013-10-24 23:35:28] [INFO ] Using SKIP_DETECT:         true
[2013-10-24 23:35:28] [INFO ] local host 192.168.56.10 ssh-key init ...
[2013-10-24 23:35:28] [INFO ] write authorized_keys_192.168.56.10 into authorized_keys ...
[2013-10-24 23:35:28] [INFO ] local host 192.168.56.10 ssh-key init over!
[2013-10-24 23:35:28] [INFO ] remote host 192.168.56.11 ssh-key init ...
[2013-10-24 23:35:33] [INFO ] write authorized_keys_192.168.56.11 into authorized_keys ...
[2013-10-24 23:35:33] [INFO ] remote host 192.168.56.12 ssh-key init ...
[2013-10-24 23:35:37] [INFO ] write authorized_keys_192.168.56.12 into authorized_keys ...
[2013-10-24 23:35:37] [INFO ] all remote hosts init over!
[2013-10-24 23:35:37] [INFO ] issue authorized_keys to all remote hosts ...
[2013-10-24 23:35:37] [INFO ] issue authorized_keys to remote host 192.168.56.11 ...
[2013-10-24 23:35:37] [INFO ] issue authorized_keys to remote host 192.168.56.12 ...
[2013-10-24 23:35:37] [INFO ] issue authorized_keys to all remote hosts over!
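
The log shows each host's key being collected as authorized_keys_<ip>, written into one authorized_keys file, and that file being issued to every host. The following is an added example of that merge step, not the tool's own code (the function name and the validation rules are assumptions): it accepts only bare public-key lines, skips duplicates, and leaves the file at mode 600 in a mode-700 directory, since sshd's default StrictModes setting rejects key files that group or others can write.

```sh
#!/bin/sh
# Added example, not the tool's code. The authorized_keys_<ip> names come from
# the log above; the function name and the checks are assumptions.

# merge_authorized_keys SRC_DIR SSH_DIR
# Appends each well-formed public key from SRC_DIR/authorized_keys_* to
# SSH_DIR/authorized_keys and prints the number of keys added.
merge_authorized_keys() (
    src_dir=$1 ssh_dir=$2 added=0
    target=$ssh_dir/authorized_keys
    umask 077
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || exit 1
    # Build the result in a temp file in the same directory, then rename it.
    tmp=$(mktemp "$ssh_dir/.ak.XXXXXX") || exit 1
    if [ -f "$target" ]; then cat "$target" > "$tmp"; fi
    for f in "$src_dir"/authorized_keys_*; do
        [ -f "$f" ] || continue
        while IFS= read -r line || [ -n "$line" ]; do
            case $line in ''|'#'*) continue ;; esac
            set -f; set -- $line; set +f    # split into fields, no globbing
            ktype=${1:-} blob=${2:-}
            # Accept only "type base64 [comment]". Lines carrying options
            # (command=, from=, ...) or other junk are dropped, not trusted.
            case $ktype in
                ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp*) ;;
                *) echo "skip: unexpected key type in $f" >&2; continue ;;
            esac
            case $blob in
                ''|*[!A-Za-z0-9+/=]*)
                    echo "skip: malformed key data in $f" >&2; continue ;;
            esac
            # Add the key only if the same type and blob are not present yet.
            if ! awk -v t="$ktype" -v b="$blob" \
                 '$1 == t && $2 == b { hit = 1 } END { exit !hit }' "$tmp"
            then
                printf '%s\n' "$line" >> "$tmp"
                added=$((added + 1))
            fi
        done < "$f"
    done
    chmod 600 "$tmp" && mv -f "$tmp" "$target" || exit 1
    echo "$added"
)
```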


6.3 View help

[hadoop@duangr-1 ssh-key-generate2]$ ./ssh-key-generate.sh -help

Usage:  ssh-key-generate.sh -help
show help informantion.

Usage:  ssh-key-generate.sh -v|-version
show version informantion.

Usage:  ssh-key-generate.sh detect
only detect between all remote hosts.

Usage:  ssh-key-generate.sh
Generate SSH KEY between all hosts, please check config.ini before run.

config.ini
LOCAL_ADDR          - Local host address. It's necessary.
REMOTE_ADDR         - Remote host address. It's necessary, Use ',' to split mult addrs
PASSWD              - All hosts default password. It's necessary.