远程连接服务

一、远程连接服务原理

1）基于密码方式访问服务器
2）基于密钥方式访问多台服务器
客户端端向服务器发送建## 标题立ssh服务请求
并创建密钥对，将公钥推送到服务器
服务器用公钥质询客户端
客户端用私钥解密再发送到服务器

二、远程连接实现方式

1）命令行方式实现
a.创建秘钥对

[root@web2 ~]# ssh-keygen -t rsa
[root@web2 ~]# ll /root/.ssh/
total 8
-rw------- 1 root root 1675 Jan 17 10:25 id_rsa
-rw-r--r-- 1 root root  391 Jan 17 10:25 id_rsa.pub

b.向服务器传送公钥信息

[root@web2 ~]# ssh-copy-id -i /root/.ssh/id_rsa 10.0.0.9
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.0.0.9 (10.0.0.9)' can't be established.
ECDSA key fingerprint is SHA256:Ad2udxtqrRU6RVpIlG35wl9p3fLLaJ4Lsvb5n9lzN3c.
ECDSA key fingerprint is MD5:05:1f:c9:80:b2:4c:0e:3f:05:f4:08:5d:6f:8b:8b:61.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.9's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '10.0.0.9'"
and check to make sure that only the key(s) you wanted were added.

c.远程连接测试

[root@web2 ~]# ssh 10.0.0.9
Last login: Fri Jan 17 10:24:39 2020 from 10.0.0.1
[root@web3 ~]# ll /root/.ssh/
total 4
-rw------- 1 root root 391 Jan 17 10:27 authorized_keys

2)用脚本方式管理多台服务器
准备需要连接的服务器地址

[root@manager scripts]# ls
2.distribute_public_key.sh  ip.txt
[root@manager scripts]# cat ip.txt 
10.0.0.31
10.0.0.41
10.0.0.7
10.0.0.8

脚本内容：

[root@manager scripts]# cat 2.distribute_public_key.sh 
#!/bin/bash
      for ip in $(cat /scripts/ip.txt)
      do
        sshpass -p123456 ssh-copy-id -i /root/.ssh/id_rsa.pub 10.0.0.7 -o StrictHostKeyChecking=no &>/dev/null
        if [ $? -eq 0 ]
        then
           echo  "to $ip distribute_key "
           echo  "public key distribute ok"
           echo  ""
        else
           echo  "to $ip distribute_key"
           echo  "public key distribute no"
           echo  ""
        fi
      done

测试连接结果

[root@manager scripts]# sh 2.distribute_public_key.sh 
to 10.0.0.31 distribute_key 
public key distribute ok

to 10.0.0.41 distribute_key 
public key distribute ok

to 10.0.0.7 distribute_key 
public key distribute ok

to 10.0.0.8 distribute_key 
public key distribute ok

脚本2：基于不同的ip地址，端口，密码

[root@manager scripts]# ls
3.distribute_public_key.sh  ip_list.txt

#!/bin/bash
      for host in $(cat /server/scripts/ip_list.txt)
      do
        host_ip=$(echo $host|awk -F ":" '{print $1}')
        host_pass=$(echo $host|awk -F ":" '{print $2}')
        host_port=$(echo $host|awk -F ":" '{print $3}')
        sshpass -p$host_pass ssh-copy-id -i /root/.ssh/id_rsa.pub $host_ip -o StrictHostKeyChecking=no -p$host_port  &>/dev/null
        if [ $? -eq 0 ]
        then
           echo  "to $host_ip distribute_key "
           echo  "public key distribute ok"
           echo  ""
        else
           echo  "to $host_ip distribute_key"
           echo  "public key distribute no"
           echo  ""
        fi
      done

为了便于操作 密码端口设置一样

[root@manager scripts]# cat ip_list.txt 
172.16.1.7:123456:22
172.16.1.8:123456:22
172.16.1.31:123456:22
172.16.1.41:123456:22

查看连接结果

[root@manager scripts]# sh 3.distribute_public_key.sh 
to 172.16.1.7 distribute_key 
public key distribute ok

to 172.16.1.8 distribute_key 
public key distribute ok

to 172.16.1.31 distribute_key 
public key distribute ok

to 172.16.1.41 distribute_key 
public key distribute ok

[root@manager scripts]# ssh 10.0.0.7
Last login: Fri Jan 17 09:25:30 2020 from 10.0.0.61