shell脚步配置ssh免密登录 - 第一版
2018-03-20 18:29
183 查看
1、作用:
配合ssh免密登录,如果在主机比价少的情况下,手动配合所用的时间也很快,但如果主机有上百台上千台,那必须写个脚步来实现自动配置ssh免密。我在百度、狗狗上搜索了许多教程,都不能实现一键配置,无奈只好自己写一个。
只需要在主节点上执行当前脚步,就可以配置全集群的ssh免密。
2、配置:
centos7系统3、思路:UML图
Created with Raphaël 2.1.2开始所有需要配置ssh免密主机循环判断公钥是否已经存在发送公钥所有需要配置ssh的主机循环完毕!!结束创建公钥私钥yesnoyesnoyesno上面的流程图画的不是很好,但思路是对的
接下来上代码
4、安装expect
已经安装了的可以跳过yum install expect
5、shell脚步:autoSSHLogin.sh
#!/bin/bash #主机名(以空格隔开) SERVERS="wpixel01 wpixel02 wpixel03 wpixel04" #用户名 USERNAME=root #密码 PASSWORD=root #执行ssh-copy-id的命令 auto_ssh_copy_id() { expect -c "set timeout -1; spawn ssh -t -p 22 root@$3 ssh-copy-id $1 expect { *(yes/no)* {send -- yes\r;exp_continue;} *assword* {send -- $2\r;exp_continue;} eof {exit 0;} }"; } #循环拷贝ssh ssh_copy_id_to_all() { echo "执行免密登录操作.............." echo "-----copy to $SERVER-----" for SERVER in $SERVERS do auto_ssh_copy_id $SERVER $PASSWORD $1 done } #创建ssh key create_ssh_keygen() { echo "创建ssh公钥秘钥..............." expect -c "set timeout -1; spawn ssh root@$1 ssh-keygen -t rsa; expect { Enter* {send -- \r;exp_continue;} *password* {send -- $PASSWORD\r;exp_continue;} *(yes/no)* {send -- yes\r;exp_continue;} eof {exit 0;} }"; ssh_copy_id_to_all $1 } #ssh到其他节点创建key并配置免密 to_master() { echo "ssh $1 ......" expect -c "set timeout -1; spawn ssh root@$1 ssh-keygen -t rsa expect { Enter* {send -- \r;exp_continue;} *(y/n)* {send -- y\r;exp_continue;} eof {exit 0;} }"; expect -c "set timeout -1; spawn ssh root@$1 ssh_copy_id_to_all " } #判断ssh key是否存在 check_ssh_key_exist() { if [ -f "ssh root@$1 /root/.ssh/id_rsa.pub" ];then echo "ssh公钥秘钥文件已经存在" ssh_copy_id_to_all $1 else echo "ssh公钥秘钥文件不存在" create_ssh_keygen $1 fi } #主方法 main(){ for SERVER in $SERVERS do echo "---$SERVER---" check_ssh_key_exist $SERVER done } #调用主程序 main
6、运行脚步
[root@wpixel01 www]# ./autoSSHLogin.sh ---wpixel01--- ssh公钥秘钥文件不存在 创建ssh公钥秘钥............... spawn ssh root@wpixel01 ssh-keygen -t rsa The authenticity of host 'wpixel01 (10.211.55.111)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'wpixel01,10.211.55.111' (ECDSA) to the list of known hosts. root@wpixel01's password: Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Generating public/private rsa key pair. Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: e8:c8:d7:49:71:8b:52:d3:d5:03:76:31:d8:32:89:7f root@wpixel01 The key's randomart image is: +--[ RSA 2048]----+ | .+*+. | | ..o=.+. | | + o. o . | | o = .. E | | o S . . | | . o + . | | o o o | | . | | | +-----------------+ 执行免密登录操作.............. -----copy to wpixel01----- spawn ssh -t -p 22 root@wpixel01 ssh-copy-id wpixel01 root@wpixel01's password: /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel01's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel01'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel01 closed. spawn ssh -t -p 22 root@wpixel01 ssh-copy-id wpixel02 The authenticity of host 'wpixel02 (10.211.55.112)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel02's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel02'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel01 closed. spawn ssh -t -p 22 root@wpixel01 ssh-copy-id wpixel03 The authenticity of host 'wpixel03 (10.211.55.113)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel03's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel03'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel01 closed. spawn ssh -t -p 22 root@wpixel01 ssh-copy-id wpixel04 The authenticity of host 'wpixel04 (10.211.55.114)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel04's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel04'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel01 closed. ---wpixel02--- ssh公钥秘钥文件不存在 创建ssh公钥秘钥............... spawn ssh root@wpixel02 ssh-keygen -t rsa Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Generating public/private rsa key pair. Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: e8:c0:3a:e4:aa:27:dc:9b:09:6d:f6:fc:78:fd:3e:01 root@wpixel02 The key's randomart image is: +--[ RSA 2048]----+ | | | | | | | . . E | | . o . S . | | o.. o . | |..=+ . . . | |.o=o= .. . . | |+o +.+o. oo. | +-----------------+ 执行免密登录操作.............. -----copy to wpixel02----- spawn ssh -t -p 22 root@wpixel02 ssh-copy-id wpixel01 The authenticity of host 'wpixel01 (10.211.55.111)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel01's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel01'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel02 closed. spawn ssh -t -p 22 root@wpixel02 ssh-copy-id wpixel02 The authenticity of host 'wpixel02 (10.211.55.112)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel02's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel02'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel02 closed. spawn ssh -t -p 22 root@wpixel02 ssh-copy-id wpixel03 The authenticity of host 'wpixel03 (10.211.55.113)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel03's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel03'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel02 closed. spawn ssh -t -p 22 root@wpixel02 ssh-copy-id wpixel04 The authenticity of host 'wpixel04 (10.211.55.114)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel04's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel04'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel02 closed. ---wpixel03--- ssh公钥秘钥文件不存在 创建ssh公钥秘钥............... spawn ssh root@wpixel03 ssh-keygen -t rsa Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Generating public/private rsa key pair. Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 0d:28:cc:58:02:f4:2f:f0:c0:ba:ba:64:24:1c:ad:6c root@wpixel03 The key's randomart image is: +--[ RSA 2048]----+ |oo. . | |. o* . | | =.o+ . . | |+ * .. o | |oE o . S . | |+. . | |.o | |+ | |o. | +-----------------+ 执行免密登录操作.............. -----copy to wpixel03----- spawn ssh -t -p 22 root@wpixel03 ssh-copy-id wpixel01 The authenticity of host 'wpixel01 (10.211.55.111)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel01's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel01'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel03 closed. spawn ssh -t -p 22 root@wpixel03 ssh-copy-id wpixel02 The authenticity of host 'wpixel02 (10.211.55.112)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel02's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel02'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel03 closed. spawn ssh -t -p 22 root@wpixel03 ssh-copy-id wpixel03 The authenticity of host 'wpixel03 (10.211.55.113)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel03's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel03'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel03 closed. spawn ssh -t -p 22 root@wpixel03 ssh-copy-id wpixel04 The authenticity of host 'wpixel04 (10.211.55.114)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel04's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel04'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel03 closed. ---wpixel04--- ssh公钥秘钥文件不存在 创建ssh公钥秘钥............... spawn ssh root@wpixel04 ssh-keygen -t rsa Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Generating public/private rsa key pair. Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: 72:65:35:e5:1d:4a:dd:91:16:20:9b:f4:c5:71:64:7a root@wpixel04 The key's randomart image is: +--[ RSA 2048]----+ | oo+=BX| | ..*ooO+| | oo o+ E| | o . | | . S | | o | | | | | | | +-----------------+ 执行免密登录操作.............. -----copy to wpixel04----- spawn ssh -t -p 22 root@wpixel04 ssh-copy-id wpixel01 The authenticity of host 'wpixel01 (10.211.55.111)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel01's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel01'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel04 closed. spawn ssh -t -p 22 root@wpixel04 ssh-copy-id wpixel02 The authenticity of host 'wpixel02 (10.211.55.112)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel02's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel02'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel04 closed. spawn ssh -t -p 22 root@wpixel04 ssh-copy-id wpixel03 The authenticity of host 'wpixel03 (10.211.55.113)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel03's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel03'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel04 closed. spawn ssh -t -p 22 root@wpixel04 ssh-copy-id wpixel04 The authenticity of host 'wpixel04 (10.211.55.114)' can't be established. ECDSA key fingerprint is 90:49:9b:b7:56:5e:7b:a3:3d:f4:b4:ff:41:e0:0e:4d. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@wpixel04's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'wpixel04'" and check to make sure that only the key(s) you wanted were added. Connection to wpixel04 closed.
相关文章推荐
- Xshell配置ssh免密码登录-密钥公钥(Public key)与私钥(Private Key)登录【已成功实例】
- macos下如何配置ssh无密码登录
- 解决root用户ssh配置无密码登陆/hadoop用户照仿可以实现相同功能:hadoop用户登录并且把命令的所有root换成home/hadoop
- Hadoop配置SSH免密码登录
- 通过SHELL实现SSH的无密登录
- Liunx 中使用ssh登录配置问题
- Linux配置SSH无密码登录
- ssh免密码登录配置
- ssh配置无密码登录
- linux配置ssh免密码登录的方法
- suse 10配置SSH无密码登录的步骤
- Linux下快速配置SSH免密码登录
- 在centos7下配置ssh无密码登录
- ssh配置免密登录
- linux 配置ssh无密码登录不起作用的解决方案
- 快速配置SSH证书登录
- ssh配置无password登录
- cisco 防火墙 5505 SSH 登录方式配置
- 批量配置SSH 免密钥登录脚本
- 如何利用华为交换机配置SSH登录