通过shell脚本批量部署ssh私钥认证以及批量操作工具pssh的简单使
在日常工作中,批量管理服务器是个力气活,如果手工一台一台处理,效率低下。此时,老外写的pssh工具实现了批量管理,它是基于Python开发的,它的官方地址是:http://www.theether.org/pssh/ 。它的原理是先建立ssh私钥认证,然后用pssh工具批量管理。
测试环境:
192.168.8.188 ---->本地服务器
192.168.8.50 ---->远程服务器
192.168.8.220 ---->远程服务器
1.先在登陆机上生成公钥和私钥
[root@lnamp ~]# ssh-keygen -t rsa #一路回车
如果不用脚本也如下一步一步操作:
把公钥id_rsa.pub拷贝到远程登录机上
[root@lnamp ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
21
[email protected]'s password:
Now try logging into the machine, with "ssh '[email protected]'", and check in:
.ssh/authorized_keys to make sure we haven't added extra keys that you weren't expecting.
现在你直接用:ssh 192.168.8.50 就不用输入密码了!
下面介绍用脚本批量部署
2.批量部署ssh私钥认证的脚本
首先要查看系统有没有expect这个工具,后面脚本中要用这个工具,没有的话yum安装就可以了!
[root@lnamp ~]# yum -y install expect
#!/bin/bash cd /root cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys for i in `cat ip.txt` do ip=$(echo "$i"|cut -f1 -d":") password=$(echo "$i"|cut -f2 -d":") expect -c " spawn scp /root/.ssh/authorized_keys /root/remote_operate.sh root@$ip:/tmp/ expect { \"*yes/no*\" {send \"yes\r\"; exp_continue} \"*password*\" {send \"$password\r\"; exp_continue} \"*Password*\" {send \"$password\r\";} } " expect -c " spawn ssh root@$ip "/tmp/remote_operate.sh" expect { \"*yes/no*\" {send \"yes\r\"; exp_continue} \"*password*\" {send \"$password\r\"; exp_continue} \"*Password*\" {send \"$password\r\";} } " done
#!/bin/bash if [ ! -d /root/.ssh ];then mkdir /root/.ssh fi cp /tmp/authorized_keys /root/.ssh/