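Following the detailed walk-through in the previous two sections, turning it into a script is very simple.
Main idea
- Check whether the local id_rsa and id_rsa.pub have already been generated; if not, generate them with the ssh-keygen command;
- Write the generated id_rsa.pub into the remote authorized_keys;
- Set permissions (700 for .ssh / 600 or 644 for authorized_keys);
- Set the label on the .ssh folder;
Script details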
#!/bin/bash
###################
# bash (read -t/-n/-p are not available in plain sh)
# usage: ./install-single.sh
# Author Sean
# Date 2017-04-14
#####################
# rsa_file="~/.ssh/id_rsa"
generator_root_url="/var/root"
rsa_file=".ssh/id_rsa"
rsa_pub_file=".ssh/id_rsa.pub"
authorized_keys_file=".ssh/authorized_keys"
rsa_file_url=${generator_root_url}/${rsa_file}
rsa_pub_file_url=${generator_root_url}/${rsa_pub_file}
target_ssh=".ssh"
target_authorized_keys_file_url=${authorized_keys_file}
# The -f test checks whether the file exists; the path must not contain "~"
cd ~ || exit 1
if [ -f "$rsa_file" ] && [ -f "$rsa_pub_file" ]
then
    echo "Verify the ssh key."
    # -f names the key file, so ssh-keygen does not stop to ask for one
    ssh-keygen -l -f "$rsa_pub_file"
    echo "The ssh key is already generated."
else
    echo "Generate the ssh key."
    ssh-keygen -t rsa
    echo "The ssh key is generated."
fi
# Configure the targets to write to
pub_key=$(cat "$rsa_pub_file")
isContinue="y"
while [ "$isContinue" = 'y' ]
do
    username="root"
    read -t 30 -p "Username on the machine to ssh into (default: root): " usernameTmp
    if [ "${usernameTmp}" != "" ]; then
        username=${usernameTmp}
    fi
    ip="127.0.0.1"
    read -t 30 -p "IP of the machine to ssh into (default: 127.0.0.1): " ipTmp
    if [ "${ipTmp}" != "" ]; then
        ip=${ipTmp}
    fi
    echo "username:$username/ip:$ip"
    # The key goes over stdin instead of being pasted into the remote command line.
    # chmod applies the permissions from the "Main idea" list (700 .ssh / 600 authorized_keys).
    printf '%s\n' "$pub_key" | ssh "$username@$ip" \
        "mkdir -p '$target_ssh' && chmod 700 '$target_ssh' && cat >> '$target_authorized_keys_file_url' && chmod 600 '$target_authorized_keys_file_url' && echo 'The pub_key is configured.'"
    read -t 30 -n 1 -p "Do you want to set up other machines? (y/n) (default: y) " isContinueTmp
    echo
    if [ "${isContinueTmp}" != "" ]; then
        isContinue=${isContinueTmp}
    fi
done
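The remote step above appends the key on every run, so repeated runs leave duplicate lines in authorized_keys. As an added example (not the author's code), the function below performs that step idempotently, refuses input that is not a single plain public-key line, and sets the 700/600 modes that sshd's StrictModes check expects; `install_pubkey`, its argument and its return codes are names assumed for this illustration.

```shell
#!/bin/sh
# Added example, not the author's script. install_pubkey, its argument and
# its return codes are names chosen for this illustration.
#
# install_pubkey SSH_DIR < public_key_file
#   0 = key appended, 1 = key already present,
#   2 = input is not a single plain public-key line, 3 = filesystem error
install_pubkey() {
    ssh_dir=$1
    auth_file=$ssh_dir/authorized_keys
    nl='
'
    key=$(cat)                      # $(...) strips the trailing newline
    [ -n "$key" ] || return 2
    case $key in *"$nl"*) return 2 ;; esac

    # Accept only "<type> <base64> [comment]" with a known key type, so a
    # line carrying authorized_keys options (command=..., etc.) is refused.
    printf '%s\n' "$key" | grep -Eq \
        '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( .*)?$' \
        || return 2

    # 700 on the directory and 600 on the file, whatever the caller's umask.
    ( umask 077
      mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" &&
      touch "$auth_file" && chmod 600 "$auth_file" ) || return 3

    # -x: whole line, -F: fixed string. Append only when the key is absent.
    if grep -qxF -- "$key" "$auth_file"; then
        return 1
    fi
    printf '%s\n' "$key" >> "$auth_file" || return 3
}
```

The function reads the key from standard input, for example `install_pubkey "$HOME/.ssh" < id_rsa.pub` on the machine that should accept the key.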
More
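Later on, converting this into a script for mutual passwordless login between the machines of a cluster should also be very easy; that is what the next article will cover.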