平时在操作Linux时,经常会遇到免密登录的配置问题,这里给大家分享一下自动配置免密的脚本。
编写脚本文件prepare_ssh.sh:
#!/usr/bin/bash
#自动输入的主机密码
password=test
username=test
which expect &>/dev/null
#判断expect是否已安装,如果没有安装,使用yum安装,建议使用root用户安装
if [ $? -ne 0 ]; then
yum -y install expect
fi
#判断是否已生成公钥,如果没有则自动生成
if [ ! -f ~/.ssh/id_rsa ]; then
echo "yes"| ssh-keygen -P "" -t rsa -f ~/.ssh/id_rsa
echo "密钥和公钥不存在,创建完成"
fi
#循环拷贝本机密钥到远程主机上,假设有两台主机
for i in {1..2};
do
echo `date` cdh0${i} >> key.log
#通过expect执行远程拷贝,并自动输入密码
/usr/bin/expect <<-EOF
spawn ssh-copy-id ${username}@cdh0${i}
expect {
"yes/no" { send "yes\r" ;exp_continue }
"password:" { send "${password}\r" }
}
expect eof
EOF
done
修改权限后执行
[test@cdh01 ~]$ chmod 700 prepare_ssh.sh
[test@cdh01 ~]$ ./prepare_ssh.sh
或直接执行:
sh prepare_ssh.sh
执行结果如下:
[test@cdh01 ~]$./prepare_ssh.exp
Generating public/private rsa key pair.
Created directory '/home/test/.ssh'.
Your identification has been saved in /home/test/.ssh/id_rsa.
Your public key has been saved in /home/test/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:1Lkp1jCcLnVSqgVQ+q1DbAEAPccYyfzzpo+tcBsIOIg test@cdh01.sino.com
The key's randomart image is:
+---[RSA 2048]----+
|.=o*ooo . |
| B oo o = . |
| +. . @ + |
|+ oo O * o |
|E oB S + |
| o . oo+ . |
| o ooo |
| o.= . |
| +oo |
+----[SHA256]-----+
密钥和公钥不存在,创建完成
spawn ssh-copy-id cdh01
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/test/.ssh/id_rsa.pub"
The authenticity of host 'cdh01 (192.168.113.221)' can't be established.
ECDSA key fingerprint is SHA256:h0Vh0eiKIYf8YeYMwoKY3kagWZIlSPRabg25bsHpfgU.
ECDSA key fingerprint is MD5:a0:68:9c:a9:b0:70:5d:e9:72:fa:85:a2:41:04:27:c8.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
test@cdh01's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'cdh01'"
and check to make sure that only the key(s) you wanted were added.
spawn ssh-copy-id cdh02
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/test/.ssh/id_rsa.pub"
The authenticity of host 'cdh02 (192.168.113.222)' can't be established.
ECDSA key fingerprint is SHA256:v0zDmGnKppIL9GEKTXUV82FP/luv4R/t33C0mrwN7wM.
ECDSA key fingerprint is MD5:14:8c:c8:79:95:56:60:f6:5c:2d:0b:47:97:87:8e:9d.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
test@cdh02's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'cdh02'"
and check to make sure that only the key(s) you wanted were added.
[test@cdh01 ~]$
[test@cdh01 ~]$ ssh cdh02
Last login: Thu Sep 10 21:55:40 2020 from cdh01.sino.com
[test@cdh02 ~]$
执行上述脚本后,即可通过ssh 进行免密登录远程主机
注意:EOF中间的代码行首都是tab,不能用空格!
软件安装建议使用root用户安装!!,普通用户可能没有yum install 权限