ssh-keygen非交互式创建秘钥对

1.ssh-keygen非交互式创建秘钥对：

具体命令：ssh-keygen -f ~/.ssh/id_rsa -P ‘’ -q
参数讲解：

ssh-keygen：密钥对创建工具
	[-P old_passphrase]  密码
    [-f output_keyfile]  输出的秘钥文件
    [-q]       不输出信息      
	[-t dsa ]  指定秘钥类型。

2.ssh-copy-id不需要提示yes/no分发秘钥

具体命令：ssh-copy-id -f -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no 172.16.1.8

参数讲解：
ssh-copy-id  -f   -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no root@172.16.1.8
**ssh-copy-id [-f] [-i [identity_file]] [-p port] [[-o <ssh -o options>] ...] [user@]hostname**
说明：
-f: force mode 强制
[-i [identity_file]] 指定秘钥文件
[[-o <ssh -o options>] ...] 指定ssh参数选项。

3.sshpass工具：指定密码非人工交互分发秘钥

sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub “-o StrictHostKeyChecking=no” 172.16.1.7

[root@web02 ~]# sshpass -help
Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters
sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.7
sshpass [-f|-d|-p|-e] [-hV] command parameters

参数讲解：
-p password Provide password as argument (security unwise) #指定用户密码操作

4.一键配置实践

把web02作为分发服务器：

web02（8）-->m01（61）
web02（8）-->web01（7）

ssh-keygen -f ~/.ssh/id_rsa  -P '' -q
ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.7
sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.7

#!/bin/bash
#yum install sshpass -y
ssh-keygen -f ~/.ssh/id_rsa  -P '' -q
for ip in 7 61
do
  sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.$ip
done
#test
ssh 172.16.1.7 "ifconfig eth0"
ssh 172.16.1.61 "ifconfig eth0"