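Preface
When you manage several hosts on an internal network, you usually need SSH key trust between them. The keys have to be configured pairwise between hosts, and as the number of hosts grows this becomes tedious work.
So I wrote the configuration script below: deploy it on one host, run a single command, and the SSH keys between all the hosts are set up.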
@Author duangr
@Website http://my.oschina.net/duangr/blog/181205
1. Environment
Host Name | OS | IP |
duangr-1 | CentOS 64 x86_64 | 192.168.56.10 |
duangr-2 | CentOS 64 x86_64 | 192.168.56.11 |
duangr-3 | CentOS 64 x86_64 | 192.168.56.12 |
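2. Deployment plan
Item | Value |
Login user | hadoop |
User password | yourpasswd |
Install path | /export/home/tools/ |
Host running the program | 192.168.56.10 |
Other remote hosts | 192.168.56.11,192.168.56.12 |
3. Getting the code
4. Prerequisites
The host running the program needs expect installed.
- Check whether expect is already installed on the host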
[root@duangr-1 ~]# rpm -qa |grep -i expect
expect-5.44.1.15-4.el6.x86_64
- If it is not installed, download expect-5.44.1.15-4.el6.x86_64
[root@duangr-1 ~]# rpm -ivh expect-5.44.1.15-4.el6.x86_64.rpm
This article targets 64-bit CentOS 6.4 only; for other versions, search for a matching package at http://rpm.pbone.net
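5. Installing the tool package
- Log in to host 192.168.56.10 as the user whose SSH keys are to be set up (for example hadoop)
- Upload the tool package and extract it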
tar -zxf ssh-key-generate2.tar.gz -C /export/home/tools/
cd /export/home/tools/ssh-key-generate2
dos2unix *
chmod 751 *.sh
6. Configuring the keys
6.1 Edit the configuration
[hadoop@duangr-1 ssh-key-generate2]$ vi config.ini
########################
# config #
########################
# local address
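LOCAL_ADDR=192.168.56.10 ## local host address
# use "," to split mult addrs
REMOTE_ADDR=192.168.56.11,192.168.56.12 ## remote host addresses
# passwd
PASSWD=yourpasswd ## password of the current login user; for now only the case where all hosts share the same password is supported
# skip detect
SKIP_DETECT=true ## whether to skip detection. Detection runs after the keys are set up and logs in over ssh from each host to every other host in turn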
6.2 Set up the keys
[hadoop@duangr-1 ssh-key-generate2]$ ./ssh-key-generate.sh
[2013-10-24 23:35:28] [INFO ] Using BIN_HOME: /export/home/tools/ssh-key-generate2
[2013-10-24 23:35:28] [INFO ] Using LOCAL_ADDR: 192.168.56.10
[2013-10-24 23:35:28] [INFO ] Using REMOTE_ADDR: 192.168.56.11,192.168.56.12
[2013-10-24 23:35:28] [INFO ] Using USER: hadoop
[2013-10-24 23:35:28] [INFO ] Using PASSWD: yourpasswd
[2013-10-24 23:35:28] [INFO ] Using SKIP_DETECT: true
[2013-10-24 23:35:28] [INFO ] local host 192.168.56.10 ssh-key init ...
[2013-10-24 23:35:28] [INFO ] write authorized_keys_192.168.56.10 into authorized_keys ...
[2013-10-24 23:35:28] [INFO ] local host 192.168.56.10 ssh-key init over!
[2013-10-24 23:35:28] [INFO ] remote host 192.168.56.11 ssh-key init ...
[2013-10-24 23:35:33] [INFO ] write authorized_keys_192.168.56.11 into authorized_keys ...
[2013-10-24 23:35:33] [INFO ] remote host 192.168.56.12 ssh-key init ...
[2013-10-24 23:35:37] [INFO ] write authorized_keys_192.168.56.12 into authorized_keys ...
[2013-10-24 23:35:37] [INFO ] all remote hosts init over!
[2013-10-24 23:35:37] [INFO ] issue authorized_keys to all remote hosts ...
[2013-10-24 23:35:37] [INFO ] issue authorized_keys to remote host 192.168.56.11 ...
[2013-10-24 23:35:37] [INFO ] issue authorized_keys to remote host 192.168.56.12 ...
[2013-10-24 23:35:37] [INFO ] issue authorized_keys to all remote hosts over!
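The log above shows each host's key being written as authorized_keys_<ip> into a single authorized_keys before that file is issued to every host. The merge step could look like the following added example (not the tool's own code; `merge_keys`, `demo`, `KEY_RE` and the sample keys are constructed for illustration), which also rejects malformed lines, skips duplicate keys and keeps the file at mode 600.

```bash
#!/usr/bin/env bash
# Added example, not code from ssh-key-generate2. Assumption: each host's
# public key was collected into <dir>/authorized_keys_<ip> (name from the log).

# Accept only plain "<type> <base64> [comment]" lines (no options, no garbage).
KEY_RE='^(ssh-(rsa|ed25519)|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=*( |$)'

# merge_keys <collect_dir> <authorized_keys_path>: append well-formed keys that
# are not already present, then print how many were added.
merge_keys() {
    local dir="$1" target="$2" added=0 f line key old_umask
    old_umask=$(umask)
    umask 077                          # .ssh and the key file are created private
    mkdir -p "$(dirname "$target")"
    touch "$target"
    for f in "$dir"/authorized_keys_*; do
        [ -f "$f" ] || continue
        while IFS= read -r line || [ -n "$line" ]; do
            printf '%s\n' "$line" | grep -Eq "$KEY_RE" || continue
            # Compare on type + blob so a changed comment is not a new key.
            key=$(printf '%s\n' "$line" | cut -d' ' -f1,2)
            if ! awk -v k="$key" '($1 " " $2) == k { hit = 1 } END { exit !hit }' "$target"; then
                printf '%s\n' "$line" >> "$target"
                added=$((added + 1))
            fi
        done < "$f"
    done
    chmod 600 "$target"                # sshd StrictModes refuses group/world-writable files
    umask "$old_umask"
    echo "$added"
}

# Constructed sample input (not real keys): two hosts, one duplicate key with a
# different comment, and one malformed line. Prints "2" and "-rw-------".
demo() {
    local work
    work=$(mktemp -d)
    mkdir "$work/collect"
    printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleKeyOne hadoop@duangr-2' \
        > "$work/collect/authorized_keys_192.168.56.11"
    printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleKeyTwo hadoop@duangr-3' \
        'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleKeyOne renamed-comment' \
        'this line is not a public key' \
        > "$work/collect/authorized_keys_192.168.56.12"
    merge_keys "$work/collect" "$work/.ssh/authorized_keys"
    ls -l "$work/.ssh/authorized_keys" | cut -c1-10
    rm -rf "$work"
}
```

Source the file and call `demo` to run it against the constructed sample; running `merge_keys` a second time on the same input adds nothing.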
6.3 Show help
[hadoop@duangr-1 ssh-key-generate2]$ ./ssh-key-generate.sh -help
Usage: ssh-key-generate.sh -help
show help informantion.
Usage: ssh-key-generate.sh -v|-version
show version informantion.
Usage: ssh-key-generate.sh detect
only detect between all remote hosts.
Usage: ssh-key-generate.sh
Generate SSH KEY between all hosts, please check config.ini before run.
config.ini
LOCAL_ADDR - Local host address. It's necessary.
REMOTE_ADDR - Remote host address. It's necessary, Use ',' to split mult addrs
PASSWD - All hosts default password. It's necessary.