主机分布
一:copy公钥脚本,并且实现免输入yes
[root@ansible tmp]# cat copy-public.sh
#!/bin/bash
PassWord=$1
rpm -qa |grep sshpass 2>&1 > /dev/null
if [ $? -ne 0 ];then
yum -y install sshpass
fi
rpm -q expect &> /dev/null || yum -y install expect > /dev/null
if [ ! -f ~/.ssh/id_rsa ];then
ssh-keygen -P "" -f ~/.ssh/id_rsa
fi
# 下面可以是解析名字,如果在/etc/hosts文件定义。或者使用具体ip
#for ip in {10.18.18.3,10.18.18.4,10.18.18.5}
for ip in {node01,node02,master}
do
echo "== copy $ip pub-key to $ip is starting =="
sshpass -p${PassWord} ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip "-o StrictHostKeyChecking=no" &> /dev/null
if [ $? -eq 0 ];then
echo "host $ip copy public key successed"
fi
expect <<EOF
set timeout 20
spawn scp /root/.ssh/id_rsa $ip:/root/.ssh
expect {
"yes/no" { send "yes\n"; exp_continue }
"password" { send "$PassWord\n" }
}
EOF
scp /root/.ssh/id_rsa.pub $ip:/root/.ssh
echo "== copy pub-key to $ip is end =="
done
#执行脚本,后面要加位置参数为密码,每一台都执行,就能实现ssh登录免输入确认yes
# 注意,这是每台密码一致。
[root@ansible tmp]# ./copy-public.sh 123456
# ssh登录免输入yes
二:优化脚本,如果主机的password都不一样,就需要使用下面的脚本。手动输入对应主机的密码。
[root@master03 ~]# cat ssh-copy.sh
#!/bin/bash
rpm -qa |grep sshpass 2>&1 > /dev/null
if [ $? -ne 0 ];then
yum -y install sshpass
fi
rpm -q expect &> /dev/null || yum -y install expect > /dev/null
if [ ! -f ~/.ssh/id_rsa ];then
ssh-keygen -P "" -f ~/.ssh/id_rsa
fi
#for ip in {10.18.18.3,10.18.18.4,10.18.18.5}
for ip in {node01,node02,master}
do
echo "== copy $ip pub-key to $ip is starting =="
echo -n "Enter $ip password: "
read PassWord
sshpass -p${PassWord} ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip "-o StrictHostKeyChecking=no" &> /dev/null
if [ $? -eq 0 ];then
echo "host $ip copy public key successed"
fi
expect <<EOF
set timeout 20
spawn scp /root/.ssh/id_rsa $ip:/root/.ssh
expect {
"yes/no" { send "yes\n"; exp_continue }
"password" { send "$PassWord\n" }
}
EOF
scp /root/.ssh/id_rsa.pub $ip:/root/.ssh
echo "== copy pub-key to $ip is end =="
done
1.执行操作,拷贝公钥到定义的远程主机,实现免秘钥
#实现免输入yes登录