第一种:
使用ssh-copy-id的方式来实现,这样过程中需要真正登录到其他机器,有登入和退出动作
#!/bin/bash
# ssh_batch.sh
# set -x
#####################################################
# generate host-ips for ssh_batch.sh
# cat host-ips
# 172.30.0.10
# 172.30.0.11
# 172.30.0.12
HOST_IPS=./host-ips
PASSWD=$1
if [ ! -n "$PASSWD" ]; then
PASSWD=123456
fi
# get master ip
MASTER_IP=$(cat $HOST_IPS | head -n 1)
# ssh-keygen
for IP in $(cat $HOST_IPS)
do
/usr/bin/expect << EOF
spawn ssh $IP
expect "*password*" {send "$PASSWD\n"}
expect "#" {send "ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa -q\r";}
expect "*y/n*" {send "n\r";exp_continue}
expect "#" {send "ssh-copy-id -i /root/.ssh/id_rsa.pub root@$MASTER_IP\n"}
expect "*password*" {send "$PASSWD\n"}
expect "#" {send "exit\n"}
expect eof
EOF
done
# use ssh batch excute command
for COREIP in $(cat $HOST_IPS | sed -n '2,$p')
do
/usr/bin/expect << EOF
spawn scp /root/.ssh/authorized_keys root@$COREIP:/root/.ssh/authorized_keys
expect "*password*" {send "$PASSWD\n"}
expect eof
EOF
done
第二种(推荐):
ssh免密登录实际上就是将集群各个机器上的id_rsa.pub拷贝到authorized_keys中,sshd_config中默认配置了AuthorizedKeysFile .ssh/authorized_keys
就会去读取authorized_keys中的pub_key,所以就是将所有的pub_key都拷贝到authorized_keys再分发到每个机器即可
#!/bin/bash
# ssh_batch.sh
# set -x
#####################################################
# generate host-ips for ssh_batch.sh
# cat host-ips
# 172.30.0.10
# 172.30.0.11
# 172.30.0.12
HOST_IPS=./host-ips
PASSWD=$1
if [ ! -n "$PASSWD" ]; then
PASSWD=123456
fi
# ssh-keygen
for IP in $(cat $HOST_IPS)
do
/usr/bin/expect << EOF
spawn ssh $IP "rm -rf /root/.ssh; ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa -q"
expect "*password*" {send "$PASSWD\n";}
expect eof
EOF
done
# copy id_rsa.pub
for IP in $(cat $HOST_IPS)
do
/usr/bin/expect << EOF
spawn scp root@$IP:/root/.ssh/id_rsa.pub /root/.ssh/id_rsa.pub.$IP
expect "*password*" {send "$PASSWD\n"}
expect eof
EOF
cat /root/.ssh/id_rsa.pub.$IP >> /root/.ssh/authorized_keys
rm -f /root/.ssh/id_rsa.pub.$IP
done
# push authorized_keys
for COREIP in $(cat $HOST_IPS | sed -n '2,$p')
do
/usr/bin/expect << EOF
spawn scp /root/.ssh/authorized_keys root@$COREIP:/root/.ssh/authorized_keys
expect "*password*" {send "$PASSWD\n"}
expect eof
EOF
done
只需在一台机器上执行即可完成Linux集群的所有机器的免密登录
第一种:
使用ssh-copy-id的方式来实现,这样过程中需要真正登录到其他机器,有登入和退出动作
#!/bin/bash
# ssh_batch.sh
# set -x
#####################################################
# generate host-ips for ssh_batch.sh
# cat host-ips
# 172.30.0.10
# 172.30.0.11
# 172.30.0.12
HOST_IPS=./host-ips
PASSWD=$1
if [ ! -n "$PASSWD" ]; then
PASSWD=123456
fi
# get master ip
MASTER_IP=$(cat $HOST_IPS | head -n 1)
# ssh-keygen
for IP in $(cat $HOST_IPS)
do
/usr/bin/expect << EOF
spawn ssh $IP
expect "*password*" {send "$PASSWD\n"}
expect "#" {send "ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa -q\r";}
expect "*y/n*" {send "n\r";exp_continue}
expect "#" {send "ssh-copy-id -i /root/.ssh/id_rsa.pub root@$MASTER_IP\n"}
expect "*password*" {send "$PASSWD\n"}
expect "#" {send "exit\n"}
expect eof
EOF
done
# use ssh batch excute command
for COREIP in $(cat $HOST_IPS | sed -n '2,$p')
do
/usr/bin/expect << EOF
spawn scp /root/.ssh/authorized_keys root@$COREIP:/root/.ssh/authorized_keys
expect "*password*" {send "$PASSWD\n"}
expect eof
EOF
done
第二种(推荐):
ssh免密登录实际上就是将集群各个机器上的id_rsa.pub拷贝到authorized_keys中,sshd_config中默认配置了AuthorizedKeysFile .ssh/authorized_keys
就会去读取authorized_keys中的pub_key,所以就是将所有的pub_key都拷贝到authorized_keys再分发到每个机器即可
#!/bin/bash
# ssh_batch.sh
# set -x
#####################################################
# generate host-ips for ssh_batch.sh
# cat host-ips
# 172.30.0.10
# 172.30.0.11
# 172.30.0.12
HOST_IPS=./host-ips
PASSWD=$1
if [ ! -n "$PASSWD" ]; then
PASSWD=123456
fi
# ssh-keygen
for IP in $(cat $HOST_IPS)
do
/usr/bin/expect << EOF
spawn ssh $IP "rm -rf /root/.ssh; ssh-keygen -t rsa -N '' -f /root/.ssh/id_rsa -q"
expect "*password*" {send "$PASSWD\n";}
expect eof
EOF
done
# copy id_rsa.pub
for IP in $(cat $HOST_IPS)
do
/usr/bin/expect << EOF
spawn scp root@$IP:/root/.ssh/id_rsa.pub /root/.ssh/id_rsa.pub.$IP
expect "*password*" {send "$PASSWD\n"}
expect eof
EOF
cat /root/.ssh/id_rsa.pub.$IP >> /root/.ssh/authorized_keys
rm -f /root/.ssh/id_rsa.pub.$IP
done
# push authorized_keys
for COREIP in $(cat $HOST_IPS | sed -n '2,$p')
do
/usr/bin/expect << EOF
spawn scp /root/.ssh/authorized_keys root@$COREIP:/root/.ssh/authorized_keys
expect "*password*" {send "$PASSWD\n"}
expect eof
EOF
done