ssh自动互信

最新推荐文章于 2024-05-19 17:03:37 发布

weixin_33962621

最新推荐文章于 2024-05-19 17:03:37 发布

阅读量65

点赞数

文章标签：运维 python

原文链接：https://my.oschina.net/u/1171200/blog/701175

版权

2019独角兽企业重金招聘Python工程师标准>>>

一、脚本说明

1、在任意节点上，以root用户执行该脚本

2、脚本中的数组变量：

1）array_user：控制要进行互信的用户，该脚本中使用的是（root，highgo）

2）array_node：控制要互信的节点的hostname

3）需要在执行脚本的当前目录下创建log目录，以存放互信过程中的日志

4）该脚本中，用户密码均为123456

二、脚本内容

#!/bin/bash

array_user=(root highgo)
#array_user=(highgo)
array_node=(gtm gtm_standby node1 node2)

function expect_root {
/usr/bin/expect << EOF
   spawn /usr/bin/ssh ${1}@${2}
   expect {
     "yes/no" {send "yes\r"; exp_continue}
     "*assword:" {send "123456\r"}
   }

   expect {
     "*#" {
       send "/usr/bin/ssh-keygen -t rsa\r";
         expect {
           "*id_rsa):" {send "\n"; exp_continue}
           "(y/n)?" {send "y\r"; exp_continue}
           "passphrase" {send "\n"; exp_continue}
           "again:" {send "\n"}
         }
     }
   }
   expect {
     "*#" {
       send "/usr/bin/scp ${3}/.ssh/id_rsa.pub root@gtm :/opt/ssh/id_${1}_${2}.pub\r";
         expect {
           "yes/no" {send "yes\r"; exp_continue}
           "*assword:" {send "123456\r"}
         }
     }
   }
   expect {
     "*#" {send "exit\n\r"}
   }
EOF
}

function expect_user {
/usr/bin/expect << EOF
   spawn /usr/bin/ssh ${1}@${2}
   expect {
     "yes/no" {send "yes\r"; exp_continue}
     "*assword:" {send "123456\r"}
   }
   expect {
     "]$ " {
       send "/usr/bin/ssh-keygen -t rsa\r";
         expect {
           "*id_rsa):" {send "\n"; exp_continue}
           "(y/n)?" {send "y\r"; exp_continue}
           "passphrase" {send "\n"; exp_continue}
           "again:" {send "\n"}
         }
     }
   }
   expect {
     "]$ " {
       send "/usr/bin/scp ${3}/.ssh/id_rsa.pub root@gtm :/opt/ssh/id_${1}_${2}.pub\r";
         expect {
           "yes/no" {send "yes\r"; exp_continue}
           "*assword:" {send "123456\r"}
         }
     }
   }
   expect {
     "]$ " {send "exit\n\r"}
   }
EOF
}

function expect_to {
/usr/bin/expect << EOF
spawn /usr/bin/scp /opt/ssh/authorized_keys ${1}@${2}:${3}/.ssh/
expect {
"yes/no" {send "yes\r"; exp_continue}
"*assword:" {send "123456\r"}
}
expect "100%"
EOF
}

for user in `echo ${array_user[@]}`
do
for node in `echo ${array_node[@]}`
do
    touch /opt/ssh/id_${user}_${node}.pub
    cat /dev/null > /opt/ssh/id_${user}_${node}.pub
       if [ "${user}" = "root" ]; then
          user_home=/root
          expect_root ${user} ${node} ${user_home} > ./log/create_${user}_${node}.log 2>&1
       else
          user_home=/home/${user}
          expect_user ${user} ${node} ${user_home} > ./log/create_${user}_${node}.log 2>&1
       fi;
   done;
done;

cat /dev/null > /opt/ssh/authorized_keys
cat /opt/ssh/id_*.pub > /opt/ssh/authorized_keys
for user in `echo ${array_user[@]}`
do
for node in `echo ${array_node[@]}`
do
       if [ "${user}" = "root" ]; then
          user_home=/root
       else
          user_home=/home/${user}
       fi;
       expect_to ${user} ${node} ${user_home} > ./log/to_${user}_${node}.log 2>&1
done;
done;