多主机SSH密钥配置
2013-12-03 00:00
232 查看
摘要: 平时需要管理多台主机,在内网内往往需要打通SSH密钥.主机相互之间需要两两配置SSH密钥,随着主机数量增多,此工作量甚是繁琐无味.
故编写如下配置脚本,只需在一台主机上面部署,执行一个命令即可打通多台主机之间相互的SSH密钥.
故编写如下配置脚本,只需在一台主机上面部署,执行一个命令即可打通多台主机之间相互的SSH密钥.
@Author duangr
@Website http://my.oschina.net/duangr/blog/181205
查看主机是否已安装expect
若没有安装,请下载expect-5.44.1.15-4.el6.x86_64
本文只针对64bit Centos6.4,若版本不符请网上搜索 http://rpm.pbone.net
上传工具包并解压
故编写如下配置脚本,只需在一台主机上面部署,执行一个命令即可打通多台主机之间相互的SSH密钥.
前言
平时需要管理多台主机,在内网内往往需要打通SSH密钥.主机相互之间需要两两配置SSH密钥,随着主机数量增多,此工作量甚是繁琐无味.故编写如下配置脚本,只需在一台主机上面部署,执行一个命令即可打通多台主机之间相互的SSH密钥.
@Author duangr
@Website http://my.oschina.net/duangr/blog/181205
1.相关环境
Host Name | OS | IP |
duangr-1 | CentOS 64 x86_64 | 192.168.56.10 |
duangr-2 | CentOS 64 x86_64 | 192.168.56.11 |
duangr-3 | CentOS 64 x86_64 | 192.168.56.12 |
2.部署规划
项 | 值 |
登陆用户 | hadoop |
用户密码 | yourpasswd |
安装路径 | /export/home/tools/ |
程序所在主机 | 192.168.56.10 |
其他远程主机 | 192.168.56.11,192.168.56.12 |
3.代码获取
ssh-key-generate2.tar.gz4.前提依赖
程序所在主机需要安装expect脚本查看主机是否已安装expect
[root@duangr-1 ~]# rpm -qa |grep -i expect expect-5.44.1.15-4.el6.x86_64
若没有安装,请下载expect-5.44.1.15-4.el6.x86_64
[root@duangr-1 ~]# rpm -ivh expect-5.44.1.15-4.el6.x86_64
本文只针对64bit Centos6.4,若版本不符请网上搜索 http://rpm.pbone.net
5.安装工具包
使用需要打通SSH密钥的用户(比如hadoop)登陆主机192.168.56.10上传工具包并解压
tar -zxf ssh-key-generate2.tar.gz -C /export/home/tools/ cd /export/home/tools/ssh-key-generate2 dos2unix * chmod 751 *.sh
6.配置密钥
6.1 修改配置
[hadoop@duangr-1 ssh-key-generate2]$ vi config.ini ######################## # config # ######################## # local address LOCAL_ADDR=192.168.56.10 ## 本机地址 # use "," to split mult addrs REMOTE_ADDR=192.168.56.11,192.168.56.12 ## 远程主机地址 # passwd PASSWD=yourpasswd ## 当前登录用户对应密码,目前只支持多主机密码相同的情况 # skip detect SKIP_DETECT=true ## 是否跳过探测的过程.此步骤的目的是在密钥打通后,依次从每台主机上向其他所有主机ssh登录一遍
6.2 打通密钥
[hadoop@duangr-1 ssh-key-generate2]$ ./ssh-key-generate.sh [2013-10-24 23:35:28] [INFO ] Using BIN_HOME: /export/home/tools/ssh-key-generate2 [2013-10-24 23:35:28] [INFO ] Using LOCAL_ADDR: 192.168.56.10 [2013-10-24 23:35:28] [INFO ] Using REMOTE_ADDR: 192.168.56.11,192.168.56.12 [2013-10-24 23:35:28] [INFO ] Using USER: hadoop [2013-10-24 23:35:28] [INFO ] Using PASSWD: yourpasswd [2013-10-24 23:35:28] [INFO ] Using SKIP_DETECT: true [2013-10-24 23:35:28] [INFO ] local host 192.168.56.10 ssh-key init ... [2013-10-24 23:35:28] [INFO ] write authorized_keys_192.168.56.10 into authorized_keys ... [2013-10-24 23:35:28] [INFO ] local host 192.168.56.10 ssh-key init over! [2013-10-24 23:35:28] [INFO ] remote host 192.168.56.11 ssh-key init ... [2013-10-24 23:35:33] [INFO ] write authorized_keys_192.168.56.11 into authorized_keys ... [2013-10-24 23:35:33] [INFO ] remote host 192.168.56.12 ssh-key init ... [2013-10-24 23:35:37] [INFO ] write authorized_keys_192.168.56.12 into authorized_keys ... [2013-10-24 23:35:37] [INFO ] all remote hosts init over! [2013-10-24 23:35:37] [INFO ] issue authorized_keys to all remote hosts ... [2013-10-24 23:35:37] [INFO ] issue authorized_keys to remote host 192.168.56.11 ... [2013-10-24 23:35:37] [INFO ] issue authorized_keys to remote host 192.168.56.12 ... [2013-10-24 23:35:37] [INFO ] issue authorized_keys to all remote hosts over!
6.3 查看帮助
[hadoop@duangr-1 ssh-key-generate2]$ ./ssh-key-generate.sh -help Usage: ssh-key-generate.sh -help show help informantion. Usage: ssh-key-generate.sh -v|-version show version informantion. Usage: ssh-key-generate.sh detect only detect between all remote hosts. Usage: ssh-key-generate.sh Generate SSH KEY between all hosts, please check config.ini before run. config.ini LOCAL_ADDR - Local host address. It's necessary. REMOTE_ADDR - Remote host address. It's necessary, Use ',' to split mult addrs PASSWD - All hosts default password. It's necessary.
相关文章推荐
- Linux 与 Windows 对UNICODE 的处理方式
- Ubuntu12.04下QQ完美走起啊!走起啊!有木有啊!
- Linux Generating SSH Keys
- 解決Linux下Android开发真机调试设备不被识别问题
- 运维入门
- 运维提升
- Ubuntu Linux使用体验
- c语言实现hashmap(转载)
- Linux 信号signal处理机制
- linux下mysql添加用户
- Scientific Linux 5.5 图形安装教程
- 基于 Linux 集群环境上 GPFS 的问题诊断
- 谁是桌面王者?Win PK Linux三大镇山之宝
- vivi下重新调整分区
- Linux VS Unix:Linux欲一统天下 Unix不死
- linux下设定环境变量
- Linux下修改MySQL编码的方法
- Linux串口通信
- 从Windows系统下访问Linux分区相关软件