Linux 6.5: non-interactive batch distribution of SSH keys
------Test: non-interactive distribution of the SSH key from 192.168.16.66 to 192.168.16.106------
------System version------
[root@rsync_server ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.5 (Santiago)
[root@rsync_client Tue Aug 20 23:02 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.5 (Santiago)
------Create the user before distribution------
[root@rsync_server ~]# useradd lbw888
[root@rsync_server ~]# echo "123456" | passwd --stdin lbw888
Changing password for user lbw888.
passwd: all authentication tokens updated successfully.
[root@rsync_client Tue Aug 20 22:55 ~]# useradd lbw888
[root@rsync_client Tue Aug 20 22:59 ~]# echo "123456" | passwd --stdin lbw888
Changing password for user lbw888.
passwd: all authentication tokens updated successfully.
------Generate the key pair on 16.66------
[lbw888@rsync_server ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/lbw888/.ssh/id_dsa):
Created directory '/home/lbw888/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/lbw888/.ssh/id_dsa.
Your public key has been saved in /home/lbw888/.ssh/id_dsa.pub.
The key fingerprint is:
cf:32:90:6f:fa:b9:11:53:a8:ee:79:ed:57:bf:33:55 lbw888@rsync_server
The key's randomart image is:
+--[ DSA 1024]----+
| |
| . |
| . . |
| o . E|
| + S .|
| . o = . .|
| . *.o . ..|
| . +.=. . o.|
| +o+o.. .+|
+-----------------+
------Install expect------
[root@rsync_server ~]# yum install expect -y
[root@rsync_server ~]# which expect
/usr/bin/expect
------Write the non-interactive expect script------
[lbw888@rsync_server ~]$ cat fenfa_sshkey.exp
#!/usr/bin/expect
if { $argc != 2 } {
    send_user "usage: expect fenfa_sshkey.exp file host\n"
    exit
}
#define var
set file [lindex $argv 0]
set host [lindex $argv 1]
set password "123456"
spawn ssh-copy-id -i $file "-p 22 lbw888@$host"
expect {
    "yes/no" {send "yes\r";exp_continue}
    "*password" {send "$password\r"}
}
expect eof
exit -onexit {
    send_user "lbw say good bye to you!\n"
}
*****Usage: expect fenfa_sshkey.exp ~/.ssh/id_dsa.pub 10.0.0.8
------Write the batch distribution script------
[lbw888@rsync_server ~]$ cat fenfa.sh
#!/bin/bash
. /etc/init.d/functions
for ip in $(cat iplist)
do
    expect fenfa_sshkey.exp ~/.ssh/id_dsa.pub "$ip"
    if [ $? -eq 0 ];then
        action "$ip" /bin/true
    else
        action "$ip" /bin/false
    fi
done
------Put the IPs that should receive the SSH key into iplist------
[lbw888@rsync_server ~]$ cat iplist
192.168.16.106
192.168.16.107
192.168.16.108
------Make the scripts executable------
[lbw888@rsync_server ~]$ chmod +x fenfa.sh
[lbw888@rsync_server ~]$ chmod +x fenfa_sshkey.exp
[lbw888@rsync_server ~]$ ll
total 8
-rwxrwxr-x 1 lbw888 lbw888 191 Aug 20 23:07 fenfa.sh
-rwxrwxr-x 1 lbw888 lbw888 388 Aug 20 23:05 fenfa_sshkey.exp
------Run the script to distribute------
[lbw888@rsync_server ~]$ ./fenfa.sh
spawn ssh-copy-id -i /home/lbw888/.ssh/id_dsa.pub -p 22 lbw888@192.168.16.106
The authenticity of host '192.168.16.106 (192.168.16.106)' can't be established.
RSA key fingerprint is 98:07:f7:a0:c3:56:f8:f8:ec:3b:b3:c8:7c:64:c9:fb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.16.106' (RSA) to the list of known hosts.
lbw say good bye to you!
192.168.16.106 [ OK ]
spawn ssh-copy-id -i /home/lbw888/.ssh/id_dsa.pub -p 22 lbw888@192.168.16.107
ssh: connect to host 192.168.16.107 port 22: No route to host
expect: spawn id exp4 not open
while executing
"expect eof"
(file "fenfa_sshkey.exp" line 16)
192.168.16.107 [FAILED]
spawn ssh-copy-id -i /home/lbw888/.ssh/id_dsa.pub -p 22 lbw888@192.168.16.108
ssh: connect to host 192.168.16.108 port 22: No route to host
expect: spawn id exp4 not open
while executing
"expect eof"
(file "fenfa_sshkey.exp" line 16)
192.168.16.108 [FAILED]
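In the run above, the two FAILED results come from the Tcl error raised at `expect eof`, not from ssh-copy-id's exit status, and the script answers `yes` to the host-key prompt while keeping the password in the file itself. The following is an added variant, not the original author's script, that refuses unknown host keys, takes the password from the environment and returns ssh-copy-id's own status. The variable name `FENFA_PASSWORD`, the file name `fenfa_sshkey_checked.exp` and the exit codes 2 to 5 are assumptions made for this example.

```expect
#!/usr/bin/expect
# Added example: hardened variant of fenfa_sshkey.exp (not the original).
# Assumed: password in env var FENFA_PASSWORD (hypothetical name);
# target host keys already present in ~/.ssh/known_hosts.
if { $argc != 2 } {
    send_user "usage: expect fenfa_sshkey_checked.exp file host\n"
    exit 2
}
set file [lindex $argv 0]
set host [lindex $argv 1]
if { ![info exists env(FENFA_PASSWORD)] } {
    send_user "FENFA_PASSWORD is not set\n"
    exit 2
}
set password $env(FENFA_PASSWORD)
set timeout 15
set tries 0

# Stop the child and leave with a distinct status for fenfa.sh to see.
proc abort { msg code } {
    send_user "\n$msg\n"
    catch { close }
    catch { wait }
    exit $code
}

spawn ssh-copy-id -i $file "-p 22 lbw888@$host"
expect {
    "yes/no" {
        # Unknown host key: refuse instead of answering "yes".
        abort "host key for $host is not in known_hosts" 3
    }
    "*password" {
        # A second prompt means the first password was rejected.
        if { [incr tries] > 1 } { abort "password rejected by $host" 4 }
        send "$password\r"
        exp_continue
    }
    timeout { abort "timed out waiting for $host" 5 }
    eof {}
}
# eof reached: report ssh-copy-id's own exit status, not expect's.
lassign [wait] pid sid os_error status
exit $status
```

fenfa.sh can read the password once with `read -s`, export it as `FENFA_PASSWORD` before the loop, and call this script in place of fenfa_sshkey.exp; its existing `$?` check then reflects the real result for each host.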
------Test running a remote command over SSH without a password------
[lbw888@rsync_server ~]$ ssh 192.168.16.106 /sbin/ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:43:90:F6
inet addr:192.168.16.106 Bcast:192.168.16.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe43:90f6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2544 errors:0 dropped:0 overruns:0 frame:0
TX packets:2425 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:296282 (289.3 KiB) TX bytes:210024 (205.1 KiB)