Centos7 rsync ssh免密登录

Centos7 rsync ssh免密登录

1 准备

1. 服务器
   
2. 服务器的静态ip,hostname,hosts,网络问题配置省略
   centos7静态ip配置参考

2. rsync

rsync主要用于备份和镜像。具有速度快、避免复制相同内容和支持符号链接的优点。

2.1 插件下载

yum install rsync -y 

2.2 语法

命令   选项参数 要拷贝的文件路径/名称 目的地用户@主机:目的地路径/名称  选项参数说明 
rsync -av $pdir/$fname $user@$host:$pdir/$fname

2.3 编写基于rsync的xsync集群分发脚本 （干货）

2.3.1 查看系统声明的全局环境变量的路径

1. 指令

[develop@hadoop300 ~]$ echo $PATH 
/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/develop/.local/bin:/home/develop/bin

2. 选择/home/develop/bin目录

2.3.2 在/home/develop/bin目录下创建xsync

1. 创建xsync

# 创建脚本文件并编辑
[develop@hadoop300 ~]$ cd /home/develop/
[develop@hadoop300 ~]$ mkdir bin
[develop@hadoop300 ~]$ cd bin
[develop@hadoop300 bin]$ vim xsync
# 修改脚本 xsync 具有执行权限
[develop@hadoop300 bin]$ chmod +x xsync

2. xsync 脚本

#!/bin/bash
#1. 判断参数个数 
if [ $# -lt 1 ]; then
   echo Not Enough Arguement!
   exit;
fi
#2. 遍历集群所有机器 
for host in hadoop100 hadoop200 hadoop300
    do  echo ==================== $host ====================  
      #3. 遍历所有目录，挨个发送   
	  for file in $@
	    do
	      #4. 判断文件是否存在  
	      if [ -e $file ];  then  
	         #5. 获取父目录  
	         pdir=$(cd -P $(dirname $file); pwd)
	         #6. 获取当前文件的名称  
	         fname=$(basename $file)  
	         ssh $host "mkdir -p $pdir"  
	         rsync -av $pdir/$fname $host:$pdir  
	      else  
	         echo $file does not exists!  
          fi
	done 
done 

3. 测试验证

# 1. 切换到root用户
su root
[root@hadoop300 bin]# xsync /opt/software/a.txt 
==================== hadoop100 ====================
root@hadoop100's password: 
root@hadoop100's password: 
Permission denied, please try again.
root@hadoop100's password: 
sending incremental file list
a.txt

sent 114 bytes  received 35 bytes  15.68 bytes/sec
total size is 5  speedup is 0.03
==================== hadoop200 ====================
The authenticity of host 'hadoop200 (192.168.11.200)' can't be established.
ECDSA key fingerprint is SHA256:V0g9oGIQNUlMi75NPTru/WJE8Q9tY1LIVFMrXIFkx2A.
ECDSA key fingerprint is MD5:2a:ed:63:08:7e:f3:bc:d6:1e:fd:e9:46:63:1d:f1:1c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'hadoop200,192.168.11.200' (ECDSA) to the list of known hosts.
root@hadoop200's password: 
root@hadoop200's password: 
sending incremental file list
a.txt

sent 114 bytes  received 35 bytes  42.57 bytes/sec
total size is 5  speedup is 0.03
==================== hadoop300 ====================
The authenticity of host 'hadoop300 (fe80::f0b1:1c4e:aa67:ebc7%ens33)' can't be established.
ECDSA key fingerprint is SHA256:V0g9oGIQNUlMi75NPTru/WJE8Q9tY1LIVFMrXIFkx2A.
ECDSA key fingerprint is MD5:2a:ed:63:08:7e:f3:bc:d6:1e:fd:e9:46:63:1d:f1:1c.
Are you sure you want to continue connecting (yes/no)? yes
root@hadoop300's password: 
root@hadoop300's password: 
sending incremental file list

sent 62 bytes  received 12 bytes  29.60 bytes/sec
total size is 5  speedup is 0.07

2.4 ssh免密登录操作

2.4.1 基本语法

# 连接
ssh hadoop103
# 创建秘钥
ssh-keygen -t rsa
# 免密授权
ssh-copy-id 服务ip/hosts文件下的别名

2.4.2 原理

2.4.3 三台服务器均要生成公钥跟私钥

2.4.3.1 develop用户

注意：.ssh文件夹可能不存在，需要ssh host 其他主机会自动生成

1. 用户生成公钥，私钥

# 1. 查看.ssh
[develop@hadoop300 ~]$ cd /home/develop/
[develop@hadoop300 ~]$ ls -al
总用量 16
drwx------. 4 develop develop  101 9月  11 14:20 .
drwxr-xr-x. 3 root    root      21 9月   8 00:15 ..
-rw-r--r--. 1 develop develop   18 4月   1 2020 .bash_logout
-rw-r--r--. 1 develop develop  193 4月   1 2020 .bash_profile
-rw-r--r--. 1 develop develop  231 4月   1 2020 .bashrc
drwxrwxr-x. 2 develop develop   19 9月  11 14:20 bin
drwx------. 2 develop develop   25 9月  11 14:20 .ssh
-rw-------. 1 develop develop 3676 9月  11 14:20 .viminfo
# 2. 进入ssh目录并创建公钥与私钥
[develop@hadoop300 ~]$ cd .ssh
[develop@hadoop300 .ssh]$ ll
总用量 4
-rw-r--r--. 1 develop develop 186 9月  11 14:20 known_hosts
##  ssh-keygen -t rsa指令,连续回车确认
[develop@hadoop300 .ssh]$ ssh-keygen -t rsa 
Generating public/private rsa key pair.
Enter file in which to save the key (/home/develop/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/develop/.ssh/id_rsa.
Your public key has been saved in /home/develop/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:yu/8zLEVrnhMCSczgXTlWe1RVxHwo0MbwB/9wYnaums develop@hadoop300
The key's randomart image is:
+---[RSA 2048]----+
|     .....o..o=+O|
|      .... +.o+=.|
|         .o ++.+o|
|        = ...o= o|
|        S* .o+   |
|     . .  oo ..  |
|      o  o. +    |
|       o +oE     |
|       .=oB..    |
+----[SHA256]-----+
[develop@hadoop300 .ssh]$ ll
总用量 12
-rw-------. 1 develop develop 1679 9月  11 14:32 id_rsa
-rw-r--r--. 1 develop develop  399 9月  11 14:32 id_rsa.pub
-rw-r--r--. 1 develop develop  186 9月  11 14:20 known_hosts

2. 免登陆操作

# 语法 ssh-copy-id 服务器ip/别名
ssh-copy-id hadoop100

[develop@hadoop300 .ssh]$ ssh-copy-id hadoop100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/develop/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
develop@hadoop100's password: 
Permission denied, please try again.
develop@hadoop100's password: 
[develop@hadoop300 .ssh]$ ssh-copy-id hadoop100
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/develop/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
develop@hadoop100's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'hadoop100'"
and check to make sure that only the key(s) you wanted were added.

注意：

• 还需要在hadoop100上采用develop账号配置一下无密登录到hadoop200、hadoop300服务器上。
• 还需要在hadoop200上采用develop账号配置一下无密登录到hadoop100、hadoop300服务器上。
• 还需要在hadoop300上采用develop账号配置一下无密登录到hadoop100、hadoop200服务器上。

2.4.3.2 root用户