最近想弄个Linux下批量传输拷贝部署远程服务器脚本
思路:1.与远程客户端建立等效性
2.拷贝数据、或者执行远程服务器命令
自动化等效性脚本如下:前提是安装expect这个包
================================================================
服务端生成自动生成rsa key
#!/usr/bin/expect
rm -rf root/.ssh/known_hosts
expect -c "
spawn ssh-keygen -t rsa
expect {
\"*id_rsa*\" {send \r;exp_continue}
\"*passphrase*\" {send \r;exp_continue}
\"*again*\" {send \r;exp_continue}
}
===============================================================
拷贝生成的key到远程服务器上
for p in $(cat /script/ip.txt)
do
ip=$(echo "$p"|cut -f1 -d":")
password=$(echo "$p"|cut -f2 -d":")
expect -c "
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip
expect {
\"*yes/no*\" {send \"yes\r\"; exp_continue}
\"*password*\" {send \"$password\r\"; exp_continue}
\"*Password*\" {send \"$password\r\";}
}
"
done
其中ip.txt内容格式为如下:
192.168.1.56:123456
===============================================================
执行服务端到客户端推送命令
for h in $(cat /script/ip.txt|cut -f1 -d":")
do
ssh root@$h "ls $dire"
dire="/tmp/test"
if [ $? -eq 0 ];
then
ssh root@$h rm -rf "$dire"
set timeout 300
ssh root@$h mkdir -p /tmp/test
fi
ssh root@$h touch lgl.txt
scp /root/CentOS-5.3-x86_64-bin-DVD.iso root@192.168.1.56:/home
set timeout 300
done
===============================================================
最后脚本如下:
[root@lgl script]# cat ssh.sh
#!/usr/bin/expect
rm -rf root/.ssh/known_hosts
expect -c "
spawn ssh-keygen -t rsa
expect {
\"*id_rsa*\" {send \r;exp_continue}
\"*passphrase*\" {send \r;exp_continue}
\"*again*\" {send \r;exp_continue}
}
"
for p in $(cat /script/ip.txt)
do
ip=$(echo "$p"|cut -f1 -d":")
password=$(echo "$p"|cut -f2 -d":")
expect -c "
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip
expect {
\"*yes/no*\" {send \"yes\r\"; exp_continue}
\"*password*\" {send \"$password\r\"; exp_continue}
\"*Password*\" {send \"$password\r\";}
}
"
done
for h in $(cat /script/ip.txt|cut -f1 -d":")
do
ssh root@$h "ls $dire"
dire="/tmp/test"
if [ $? -eq 0 ];
then
ssh root@$h rm -rf "$dire"
set timeout 300
ssh root@$h mkdir -p /tmp/test
fi
ssh root@$h touch lgl.txt
scp /root/CentOS-5.3-x86_64-bin-DVD.iso root@192.168.1.56:/home
set timeout 300
done
##################################################################
使用下例中ssky-keygen和ssh-copy-id,仅需通过3个步骤的简单设置而无需输入密码就能登录远程Linux主机。
ssh-keygen 创建公钥和密钥。
ssh-copy-id 把本地主机的公钥复制到远程主机的authorized_keys文件上。
ssh-copy-id 也会给远程主机的用户主目录(home)和~/.ssh, 和~/.ssh/authorized_keys设置合适的权限 。
步骤1: 用 ssh-key-gen 在本地主机上创建公钥和密钥
ligh@local-host$ ssh-keygen -t rsa
Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Pess enter key]
Your identification has been saved in /home/jsmith/.ssh/id_rsa.
Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
The key fingerprint is: 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9
ligh@local-host
步骤2: 用 ssh-copy-id 把公钥复制到远程主机上
ligh@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.3
ligh@remote-host‘s password:
Now try logging into the machine, with ―ssh ?remote-host‘‖, and check in:
.ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting.
[注: ssh-copy-id 把密钥追加到远程主机的 .ssh/authorized_key 上.]
步骤3: 直接登录远程主机
ligh@local-host$ ssh remote-host
Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
[注: SSH 不会询问密码.]
ligh@remote-host$
[注: 你现在已经登录到了远程主机上]
##################################