脚本练习
要求:
1.通过控制端,为被控端创建 新用户及其口令
2.通过控制端,为被控端配置 彼此间通过新用户的无口令SSH登录
## 创建被控端的主机列表文件
cat > hosts.list << EOF
10.0.0.102 root a123456!
10.0.0.103 root a123456!
10.0.0.104 root a123456!
EOF
chown root:root hosts.list
chmod 600 hosts.list
###创建脚本###
touch ssh_nopass.sh
chown root:root ssh_nopass.sh
chmod 600 ssh_nopass.sh
##--------------------------------------------
vi ssh_nopass.sh ##编辑脚本内容
##
#!/bin/bash
read -e -p "请输入新建的用户名:" newuser
read -e -s -p "请输入新建用户的密码:" userpass
##
##1.实现root无口令ssh登录
which expect &> /dev/null || yum install -y expect
expect << EOF
spawn ssh-keygen
expect {
"*:" {send "\n"; exp_continue}
"*(y/n)?" {send "n\n"; exp_continue}
eof
}
EOF
cat hosts.list | while read hostinfo; do
host_ip=`echo $hostinfo | awk '{print $1}'`
host_user=`echo $hostinfo | awk '{print $2}'`
host_pass=`echo $hostinfo | awk '{print $3}'`
expect <<EOF
spawn ssh-copy-id $host_user@$host_ip
expect {
"*(yes/no)?" {send "yes\n"; exp_continue}
"*password:" {send "$host_pass\n"; exp_continue}
eof
}
EOF
done
##
##2.为被控端创建指定的用户及口令
##
cat hosts.list | while read hostinfo; do
host_ip=`echo $hostinfo | awk '{print $1}'`
host_user=`echo $hostinfo | awk '{print $2}'`
ssh $host_user@$host_ip <<EOF
id $newuser &> /dev/null || useradd $newuser
echo "$newuser:$userpass" | chpasswd
EOF
done
##
##3.为主控端和被控端安装:sshpass工具,用于执行非交互ssh密码验证
##
which sshpass &> /dev/null || yum install -q -y sshpass
while read hostinfo; do
host_ip=`echo $hostinfo | awk '{print $1}'`
host_user=`echo $hostinfo | awk '{print $2}'`
ssh $host_user@$host_ip <<EOF &
which sshpass &> /dev/null || yum install -q -y sshpass
which expect &> /dev/null || yum install -q -y expect
EOF
done < hosts.list
wait
echo "sshpass工具安装完毕!"
##
##4.为被控端创建新用户的ssh密钥,并配置彼此间通过新用户的无口令ssh登录
##
host_ip_list=$(cat hosts.list | awk '{print $1}')
cat hosts.list | while read hostinfo; do
host_ip=`echo $hostinfo | awk '{print $1}'`
sshpass -p $userpass ssh $newuser@$host_ip <<EOF
##
##创建新用户的ssh密钥
/usr/bin/expect <<END
spawn ssh-keygen
expect {
"*:" {send "\n"; exp_continue}
"*(y/n)?" {send "n\n"; exp_continue}
eof
}
END
echo "$newuser@$host_ip新用户的ssh密钥创建完毕!"
##
##将新用户的ssh公钥传输给其他主机
for i in `echo ${host_ip_list}`; do
/usr/bin/expect <<END
spawn ssh-copy-id $newuser@\$i
expect {
"*(yes/no)?" {send "yes\n"; exp_continue}
"*password:" {send "$userpass\n"; exp_continue}
eof
}
END
done
echo "$newuser@$host_ip新用户的ssh无口令登录配置完毕!"
EOF
done