CentOS 配置多机互信ssh_auth.sh 脚本

#!/bin/sh
DEST_USER=$1
PASSWORD=$2
HOSTS_FILE=$3
if [ $# -ne 3 ]; then
echo “Usage:”
echo “$0 remoteUser remotePassword hostsFile”
exit 1
fi

SSH_DIR=~/.ssh
SCRIPT_PREFIX=./tmp
echo ===========================

  1. prepare directory .ssh
    mkdir $SSH_DIR
    chmod 700 $SSH_DIR

  2. generat ssh key
    TMP_SCRIPT=KaTeX parse error: Expected 'EOF', got '#' at position 25: …EFIX.sh echo "#̲!/usr/bin/expec…TMP_SCRIPT
    echo “spawn ssh-keygen -b 1024 -t rsa”>>TMPSCRIPTecho"expectkey">>TMP_SCRIPT echo "expect *key*">>TMP_SCRIPT
    echo “send \r”>>$TMP_SCRIPT
    if [ -f SSHDIR/idrsa];thenecho"expectverwrite">>SSH_DIR/id_rsa ]; then echo "expect *verwrite*">>TMP_SCRIPT
    echo “send y\r”>>TMPSCRIPTfiecho"expectpassphrase">>TMP_SCRIPT fi echo "expect *passphrase*">>TMP_SCRIPT
    echo “send \r”>>TMPSCRIPTecho"expectagain:">>TMP_SCRIPT echo "expect *again:">>TMP_SCRIPT
    echo “send \r”>>TMPSCRIPTecho"interact">>TMP_SCRIPT echo "interact">>TMP_SCRIPT

chmod +x $TMP_SCRIPT

/usr/bin/expect $TMP_SCRIPT
rm $TMP_SCRIPT

  1. generat file authorized_keys
    cat SSHDIR/idrsa.pub>>SSH_DIR/id_rsa.pub>>SSH_DIR/authorized_keys

#4. chmod 600 for file authorized_keys
chmod 600 $SSH_DIR/authorized_keys
echo ===========================

  1. copy all files to other hosts
    for ip in $(cat HOSTSFILE)doif["xHOSTS_FILE) do if [ "xip" != “x” ]; then
    echo -------------------------
    TMP_SCRIPT=SCRIPTPREFIX.{SCRIPT_PREFIX}.ip.sh
    # check known_hosts
    val=ssh-keygen -F $ip
    if [ “xval"=="x"];thenecho"val" == "x" ]; then echo "ip not in $SSH_DIR/known_hosts, need to add”
    val=ssh-keyscan $ip 2>/dev/null
    if [ “x$val” == “x” ]; then
    echo “ssh-keyscan $ip failed!”
    else
    echo val>>val>>SSH_DIR/known_hosts
    fi
    fi
    echo “copy $SSH_DIR to $ip”

     echo  "#!/usr/bin/expect">$TMP_SCRIPT
     echo  "spawn scp -r  $SSH_DIR $DEST_USER@$ip:~/">>$TMP_SCRIPT
     echo  "expect *assword*">>$TMP_SCRIPT
     echo  "send $PASSWORD\r">>$TMP_SCRIPT
     echo  "interact">>$TMP_SCRIPT
         
     chmod +x $TMP_SCRIPT
     #echo "/usr/bin/expect $TMP_SCRIPT" >$TMP_SCRIPT.do
     #sh $TMP_SCRIPT.do&
     
     /usr/bin/expect $TMP_SCRIPT
     rm $TMP_SCRIPT
     echo "copy done."                
    

    fi
    done
    echo done.
    ##################以上为 ssh_auth.sh脚本
    ##########配置互信主机ip列表
    echo"192.168.10.202
    192.168.10.203
    192.168.10.205
    192.168.10.206
    192.168.10.207
    192.168.10.208">>hostlist
    #######################需安装expect及tcl依赖包
    链接:https://pan.baidu.com/s/1xxd4kednpoQ6wzXEymPzgg
    提取码:0q7o
    在这里插入图片描述
    tar -zxvf tcl8.4.11-src.tar.gz
    在这里插入图片描述
    cd tcl8.4.11/unix/ &&./configure && make && make install
    tar -zvxf expect-5.43.0.tar.gz
    cd expect-5.43.0 && ./configure --with-tclinclude=/usr/local/src/tcl8.4.11/generic --with-tclconfig=/usr/local/lib/ && make && make install
    expect
    ln -s /usr/local/bin/expect /usr/bin/expect
    ll /usr/bin/expect
    #######################脚本和hostlist文件放置同一路径并执行以下语句
    sh ssh_auth.sh root passwd hostlist

###########################################################
###########################################################
##################两台服务器双机互信
###在两台服务器执行
sh-keygen -t rsa
ssh-keygen -t dsa
su - grid
###在rac1上执行 (rac1,rac2 均为ip)
ssh rac1 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
ssh rac1 cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
scp ~/.ssh/authorized_keys rac1:~/.ssh/
###在rac2上执行 (rac1,rac2 均为ip)
ssh rac1 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
ssh rac2 cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
ssh rac1 cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
ssh rac2 cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
scp ~/.ssh/authorized_keys rac2:~/.ssh/

##############################################################
#############################################################

展开阅读全文

没有更多推荐了,返回首页

©️2019 CSDN 皮肤主题: 大白 设计师: CSDN官方博客
应支付0元
点击重新获取
扫码支付

支付成功即可阅读