CentOS配置SSH免密

最新推荐文章于 2022-07-15 18:36:28 发布

DevOps-2018

最新推荐文章于 2022-07-15 18:36:28 发布

阅读量183

点赞数

分类专栏： CentOS 文章标签： ssh linux centos

本文链接：https://blog.csdn.net/zjfjifei2008/article/details/111565905

版权

CentOS 专栏收录该内容

11 篇文章 0 订阅

订阅专栏

准备环境

2台CentOS7.9服务器
服务器IP：192.168.30.11、192.168.30.12、192.168.30.13

准备shell脚本

通过脚本自动生产SSH秘钥，

[root@localhost ~]# cat ssh_auto.sh 
#!/bin/bash
rpm -q expect
if [ $? -ne 0 ];then
    yum -y install expect
fi
ssh_keygen_ceate() {
expect << -EOF
spawn ssh-keygen -t rsa
expect {
    "save the key" {send "\r";exp_continue}
    "Overwrite" {send "y\r";exp_continue}
    "Enter passphrase" {send "\r";exp_continue}
    "same passphrase" {send "\r"}
}
expect eof
-EOF
}
# 判断是否已存在SSH秘钥，如果不存在，则生成SSH秘钥
if [ ! -f /root/.ssh/id_rsa.pub ];then
    ssh_keygen_ceate
    echo '生成SSH秘钥'
else
    echo '已存在秘钥'
fi
CLIENT1=$1	#服务器IP地址
USER=$2	    #服务器用户名
PASSWD=$3	#服务器密码
ssh_copy_id_auto(){
expect << -EOF
spawn ssh-copy-id ${USER}@${CLIENT1}
expect {
    "yes/no" {send "yes\r";exp_continue}
    "password" {send "$PASSWD\r"}
}
expect eof
-EOF
}
ssh_copy_id_auto

执行shell脚本，实现免密

将ssh_auto.sh上传到192.168.30.13服务器上，并执行ssh_auto.sh，向192.168.30.12做免密SSH

[root@localhost ~]# sh ssh_auto.sh 192.168.30.12 <用户名> <密码>
expect-5.45-14.el7_1.x86_64
已存在秘钥
spawn ssh-copy-id root@192.168.30.12
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.30.12 (192.168.30.12)' can't be established.
ECDSA key fingerprint is SHA256:j57T4ojd2p6lvydRC8FO35vG8rvKwQ2JlU67FxjdG0E.
ECDSA key fingerprint is MD5:c3:54:e9:d0:2c:5b:6d:d1:ce:2e:1b:48:52:d5:06:be.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.30.12's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.30.12'"
and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh root@192.168.30.12
Last login: Tue Dec 15 16:32:32 2020 from 192.168.30.13

各服务器之间做SSH免密

192.168.30.13上执行：

[root@localhost ~]# sh ssh_auto.sh 192.168.30.11 <用户名> <密码>

192.168.30.12上执行：

[root@localhost ~]# sh ssh_auto.sh 192.168.30.11 <用户名> <密码>
[root@localhost ~]# sh ssh_auto.sh 192.168.30.13 <用户名> <密码>

192.168.30.11上执行：

[root@localhost ~]# sh ssh_auto.sh 192.168.30.12 <用户名> <密码>
[root@localhost ~]# sh ssh_auto.sh 192.168.30.13 <用户名> <密码>

测试各服务器之间SSH免密

192.168.30.13上执行：

[root@localhost ~]# scp ssh_auto.sh root@192.168.30.11:/root/
ssh_auto.sh                                                                                          100%  809   815.8KB/s   00:00    
[root@localhost ~]# scp ssh_auto.sh root@192.168.30.12:/root/
ssh_auto.sh                                                                                          100%  809   930.5KB/s   00:00    
[root@localhost ~]#

DevOps-2018

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
CentOS配置SSH免密

准备环境2台CentOS7.9服务器服务器IP：192.168.30.11、192.168.30.12、192.168.30.13准备shell脚本通过脚本自动生产SSH秘钥，[root@localhost ~]# cat ssh_auto.sh #!/bin/bashrpm -q expectif [ $? -ne 0 ];then yum -y install expectfissh_keygen_ceate() {expect << -EOFspawn
复制链接

扫一扫

专栏目录