Redhat7.7 快速配配置免密钥 expect

平时在操作Linux时，经常会遇到免密登录的配置问题，这里给大家分享一下自动配置免密的脚本。

编写脚本文件prepare_ssh.sh：

#!/usr/bin/bash
#自动输入的主机密码
password=test
username=test
which expect &>/dev/null
#判断expect是否已安装，如果没有安装，使用yum安装,建议使用root用户安装
if [ $? -ne 0 ]; then
        yum -y install expect
fi
#判断是否已生成公钥，如果没有则自动生成
if [ ! -f ~/.ssh/id_rsa ]; then
		echo "yes"| ssh-keygen -P "" -t rsa -f ~/.ssh/id_rsa
        echo "密钥和公钥不存在，创建完成"
fi

#循环拷贝本机密钥到远程主机上，假设有两台主机
for i in {1..2};
do
                        echo  `date` cdh0${i} >> key.log
                        #通过expect执行远程拷贝，并自动输入密码
                        /usr/bin/expect <<-EOF
						spawn ssh-copy-id ${username}@cdh0${i}
						expect {
								"yes/no" { send "yes\r" ;exp_continue }
								"password:" { send "${password}\r"  }
						}
			expect eof
EOF
done

修改权限后执行

[test@cdh01 ~]$ chmod 700 prepare_ssh.sh
[test@cdh01 ~]$ ./prepare_ssh.sh

或直接执行：

sh prepare_ssh.sh

执行结果如下：

[test@cdh01 ~]$./prepare_ssh.exp 
Generating public/private rsa key pair.
Created directory '/home/test/.ssh'.
Your identification has been saved in /home/test/.ssh/id_rsa.
Your public key has been saved in /home/test/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:1Lkp1jCcLnVSqgVQ+q1DbAEAPccYyfzzpo+tcBsIOIg test@cdh01.sino.com
The key's randomart image is:
+---[RSA 2048]----+
|.=o*ooo   .      |
|  B oo o = .     |
|   +. . @ +      |
|+   oo O * o     |
|E    oB S +      |
| o . oo+ .       |
|  o ooo          |
|   o.= .         |
|    +oo          |
+----[SHA256]-----+
密钥和公钥不存在，创建完成
spawn ssh-copy-id cdh01
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/test/.ssh/id_rsa.pub"
The authenticity of host 'cdh01 (192.168.113.221)' can't be established.
ECDSA key fingerprint is SHA256:h0Vh0eiKIYf8YeYMwoKY3kagWZIlSPRabg25bsHpfgU.
ECDSA key fingerprint is MD5:a0:68:9c:a9:b0:70:5d:e9:72:fa:85:a2:41:04:27:c8.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
test@cdh01's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'cdh01'"
and check to make sure that only the key(s) you wanted were added.

spawn ssh-copy-id cdh02
/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/test/.ssh/id_rsa.pub"
The authenticity of host 'cdh02 (192.168.113.222)' can't be established.
ECDSA key fingerprint is SHA256:v0zDmGnKppIL9GEKTXUV82FP/luv4R/t33C0mrwN7wM.
ECDSA key fingerprint is MD5:14:8c:c8:79:95:56:60:f6:5c:2d:0b:47:97:87:8e:9d.
Are you sure you want to continue connecting (yes/no)? yes
/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
test@cdh02's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'cdh02'"
and check to make sure that only the key(s) you wanted were added.

[test@cdh01 ~]$
[test@cdh01 ~]$ ssh cdh02
Last login: Thu Sep 10 21:55:40 2020 from cdh01.sino.com
[test@cdh02 ~]$ 

执行上述脚本后，即可通过ssh 进行免密登录远程主机
注意：EOF中间的代码行首都是tab，不能用空格！
软件安装建议使用root用户安装！！，普通用户可能没有yum install 权限