shell批量设置免密认证
shell批量设置免密认证
实验背景:笔者想使用ansible同步一批虚拟机的配置,需要对这些虚拟机进行免密设置
- 实验所需文件及脚本如下图
生成ip列表
#!/bin/bash #################################### # Function: generate ip list for use #################################### # auther: [email protected] # Changelog: # 2018-07-11 wanghui initial #################################### # set -x # define ip Subnet SUBNET=192.168.10. for ip in `seq 20 25`; do echo "$SUBNET$ip" >> /root/ip.txt done [ $? -eq 0 ] && echo "Generate Ip List Complete."
生成密码文件
#!/bin/bash ########################################## # Function: generate password list for use ########################################## # auther: [email protected] # Changelog: # 2018-07-11 wanghui initial ########################################## # set -x # define ip Subnet PASSWORD=password for pd in `seq 20 25`; do echo "$PASSWORD$pd" >> /root/password.txt done [ $? -eq 0 ] && echo "Generate Password List Complete."
- 合并ip文件和密码文件
/usr/bin/paste -d: /root/ip.txt /root/password.txt > /root/ip-password.txt
- 笔者ip-password文件格式:
[root@wanghui ~]# cat ip-password.txt 192.168.10.20:211212 192.168.10.21:211212 192.168.10.22:211212 192.168.10.23:211212 192.168.10.24:211212 192.168.10.25:211212 # 由于笔者虚拟机初始密码都一样,这里为了实验方便,建议使用不同的密码
创建批量设置ssh免密认证脚本
#!/bin/bash ######################################################### # Functions: batch ssh free secret login ######################################################### # Author: [email protected] # Changelog: # 2018-07-11 wanghui initial create ######################################################### # set -x # generate ip-password.txt for paste_ip_password.sh IP_PASSWORD=/root/ip-password.txt # if expect exists rpm -qa | grep expect >> /dev/null if [ $? -eq 0 ];then echo "expect already install." else yum install expect -y fi # batch ssh Certification for IP in $(cat $IP_PASSWORD) do ip=$(echo "$IP" | cut -f1 -d ":") password=$(echo "$IP" | cut -f2 -d ":") # begin expect expect -c " spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip expect { \"*yes/no*\" {send \"yes\r\"; exp_continue} \"*password*\" {send \"$password\r\"; exp_continue} \"*Password*\" {send \"$password\r\";} } " done # use ssh batch excute command for hostip in $(cat $IP_PASSWORD | cut -f1 -d ":") do ssh root@$hostip 'uptime' done
- 本地重新生成ssh私钥公钥
[root@wanghui ~]# rm -rf .ssh/ [root@wanghui ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:+QrZGBOpZciJqG9QnDmT2d5wLDoJiuXLmob7avcWYFk [email protected] The key's randomart image is: +---[RSA 2048]----+ | | | o O E . | |o % X B | |+= X O . . | |= * + + S | | + o . * . | |. = = . . | |.* . . . . | |B+o o. . | +----[SHA256]-----+
执行脚本、批量设置免密认证
[root@wanghui ~]# bash batch_set_ssh_secret.sh expect already install. spawn ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.10.20 (192.168.10.20)' can't be established. ECDSA key fingerprint is SHA256:WV7KiVaITK4NnnYC1ebdmXg+QEmUAKtpD4bH0To7uPU. ECDSA key fingerprint is MD5:f3:c9:59:14:cd:b1:bf:08:9e:cf:3a:cc:63:02:46:8b. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. spawn ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.10.21 (192.168.10.21)' can't be established. ECDSA key fingerprint is SHA256:WV7KiVaITK4NnnYC1ebdmXg+QEmUAKtpD4bH0To7uPU. ECDSA key fingerprint is MD5:f3:c9:59:14:cd:b1:bf:08:9e:cf:3a:cc:63:02:46:8b. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. spawn ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.10.22 (192.168.10.22)' can't be established. ECDSA key fingerprint is SHA256:WV7KiVaITK4NnnYC1ebdmXg+QEmUAKtpD4bH0To7uPU. ECDSA key fingerprint is MD5:f3:c9:59:14:cd:b1:bf:08:9e:cf:3a:cc:63:02:46:8b. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. spawn ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.10.23 (192.168.10.23)' can't be established. ECDSA key fingerprint is SHA256:DDyxtC8wq06dGmngNcX7xU4XprZ/WCz7vfVikiSUix8. ECDSA key fingerprint is MD5:97:32:a0:7c:5a:59:06:f5:cf:f3:87:df:e0:e0:fb:b6. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. spawn ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.10.24 (192.168.10.24)' can't be established. ECDSA key fingerprint is SHA256:DDyxtC8wq06dGmngNcX7xU4XprZ/WCz7vfVikiSUix8. ECDSA key fingerprint is MD5:97:32:a0:7c:5a:59:06:f5:cf:f3:87:df:e0:e0:fb:b6. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. spawn ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.10.25 (192.168.10.25)' can't be established. ECDSA key fingerprint is SHA256:DDyxtC8wq06dGmngNcX7xU4XprZ/WCz7vfVikiSUix8. ECDSA key fingerprint is MD5:97:32:a0:7c:5a:59:06:f5:cf:f3:87:df:e0:e0:fb:b6. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added. 17:33:26 up 5 days, 23:55, 0 users, load average: 0.15, 0.05, 0.06 09:33:23 up 5 days, 23:56, 0 users, load average: 0.00, 0.01, 0.05 17:33:28 up 5 days, 23:56, 1 user, load average: 0.00, 0.01, 0.05 09:33:22 up 5 days, 23:38, 1 user, load average: 0.08, 0.08, 0.10 09:33:24 up 5 days, 23:38, 1 user, load average: 0.01, 0.02, 0.05 09:33:23 up 5 days, 23:38, 1 user, load average: 0.00, 0.01, 0.05
- 到此通过shell批量设置ssh免密登录完成
- 参考:https://www.cnblogs.com/likai...
相关推荐
yutou0 2020-10-17
huha 2020-10-16
laisean 2020-11-11
大牛牛 2020-10-30
firefaith 2020-10-30
liguojia 2020-10-20
wangzhaotongalex 2020-10-20
以梦为马不负韶华 2020-10-20
JohnYork 2020-10-16
Julyth 2020-10-16
applecarelte 2020-10-16
laisean 2020-09-27
flycappuccino 2020-09-27
liguojia 2020-09-27
wangzhaotongalex 2020-09-22
流年浅滩 2020-10-23
liujianhua 2020-10-22
woaimeinuo 2020-10-21
tufeiax 2020-09-03
laisean 2020-09-01
vvu 2020-09-16
libao 2020-09-16
Yyqingmofeige 2020-08-18
zhushixia 2020-08-17