使用shell和expect一键批量分发SSH密钥脚本

这是一个使用 shell 和 expect 编写的脚本,无需做任何配置,一键即可实现批量分发密钥和文件:

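#!/bin/bash
# This script comes from a linuxidc training student.
# Function: distribute an SSH key to remote hosts, then push a file to them.
# Version: 1.1
#
# Usage: <script> <file> <remote_dir>
#   <file>        local file or directory that FENFA_config copies with scp
#   <remote_dir>  destination handed to "sudo rsync" on each remote host
#
# The host list is read from all_client.txt in the current directory
# (first column: host, second column: SSH port; lines starting with '#'
# are skipped by the awk filters below).

# Presumably provides the `action` helper used for the status lines below;
# the script does not define it itself.
. /etc/init.d/functions
file="$1"
remote_dir="$2"
if [[ $# -ne 2 ]]; then
  # The script needs exactly two arguments. Report misuse on stderr and exit
  # non-zero so callers and automation can tell that nothing was distributed.
  echo "usage: $0 <file> <remote_dir>" >&2
  echo "exactly two arguments are required" >&2
  exit 1
fi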
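#######################################
# Drop any stored host key for a host and re-learn it by connecting once.
# Arguments: $1 - host name or IP address
# Outputs:   a failure line on stdout when the expect run exits non-zero
# Returns:   always 0 (the caller in this file ignores the status)
#
# NOTE(security): the stored key is deleted and whatever key the host then
# presents is accepted without comparison, so this step does not verify the
# host's identity. Where the network path is not trusted, populate
# known_hosts from a trusted inventory instead of auto-answering the prompt.
#######################################
function KNOWN_HOST_REBUILD()
{
  local i=$1
  local rc

  # Make sure the local known_hosts file exists.
  [ ! -e ~/.ssh/known_hosts ] && mkdir -p ~/.ssh/ && touch ~/.ssh/known_hosts

  # ssh-keygen -R removes the entry by exact host name, and also handles
  # hashed entries. The previous sed pattern treated the dots in an address
  # as regex wildcards. A non-zero status (host not present) is expected.
  ssh-keygen -R "$i" -f ~/.ssh/known_hosts >/dev/null 2>&1

  # The host is passed through the environment, not interpolated into the
  # Tcl script, so characters in all_client.txt cannot alter the script.
  # "*yes/no*" matches both the older "(yes/no)?" prompt and the newer
  # "(yes/no/[fingerprint])?" prompt.
  KH_TARGET="$i" expect -c '
spawn /usr/bin/ssh linuxidc@$env(KH_TARGET) echo ok;
expect "*yes/no*";
send "yes\r";
expect eof ' >/dev/null 2>&1
  rc=$?

  # This check used to sit after "return 0" and could never run.
  [[ $rc -ne 0 ]] && echo "$i know host rebuild fail,maybe the server connect error"
  return 0
}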
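#######################################
# Install the public key belonging to ./id_dsa on one host via ssh-copy-id,
# answering the password prompt automatically.
# Globals:   LINUXIDC_PASSWORD (read, optional) - password for the linuxidc
#            account; falls back to the value that was hard-coded here
# Arguments: $1 - host name or IP address
# Returns:   exit status of ssh-copy-id; 1 if the password is rejected
#
# NOTE(security): the fallback password is a credential stored in the
# script. Set LINUXIDC_PASSWORD in the environment and remove the literal
# once callers have migrated. DSA keys are also disabled by default in
# OpenSSH 7.0 and later, so id_dsa may be refused by current servers.
#######################################
function PASS_PASSWD()
{
  local ip=$1
  local password=${LINUXIDC_PASSWORD:-linuxidc123}

  # Host and password travel through the environment, not inside the -c
  # string: the password then does not appear in the expect command line
  # (visible in ps), and neither value is parsed as Tcl. The password is
  # removed from the environment before spawn so ssh-copy-id does not
  # inherit it.
  PP_TARGET="$ip" PP_PASSWORD="$password" expect -c '
set timeout -1
set pw $env(PP_PASSWORD)
unset env(PP_PASSWORD)
spawn ssh-copy-id -i id_dsa linuxidc@$env(PP_TARGET)
expect {
  "*password:" {
    send -- "$pw\r"
    expect {
      "*password:" { exit 1 }
      eof {}
    }
  }
  eof {}
}
catch wait result
exit [lindex $result 3]' >/dev/null 2>&1
  # A second password prompt means the first answer was rejected, so the
  # script exits 1 there; with timeout -1 it would otherwise wait forever.
  # "wait" collects the exit status of ssh-copy-id, so the function status
  # tested by the caller reflects whether the key was actually installed.
}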
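#######################################
# Distribute the SSH key to every host listed in all_client.txt.
# For each host: refresh its known_hosts entry, run ssh-copy-id, and print
# a success or failure line through `action`.
# Globals:   none written (the loop variable is local)
# Arguments: none
# Outputs:   one status line per host via `action`
#######################################
function FENFA_id_dsa()
{
  local -a hosts=()
  local ip

  # First column of every line that does not start with '#'.
  # Reading into an array keeps each entry literal; the unquoted
  # command substitution used before was subject to glob expansion.
  mapfile -t hosts < <(awk '/^[^#]/{print $1}' all_client.txt)

  for ip in "${hosts[@]}"; do
    # awk prints an empty first field for whitespace-only lines.
    [[ -n "$ip" ]] || continue

    KNOWN_HOST_REBUILD "$ip"
    if PASS_PASSWD "$ip"; then
      action "$ip send id_dsa is successful" /bin/true
    else
      action "$ip send id_dsa is failed copied" /bin/false
    fi
  done
}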
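#######################################
# Copy $file to every host in all_client.txt and install it into
# $remote_dir with "sudo rsync" on the remote side.
# Globals:   file (read)       - local path to send
#            remote_dir (read) - destination path on the remote host
# Arguments: none
# Outputs:   one status line per host via `action`
#
# NOTE(security): the remote command runs under sudo and $remote_dir comes
# straight from the command line, so whoever invokes this script decides
# where root writes on every host. Restrict the sudoers rule for the
# linuxidc account accordingly.
#######################################
function FENFA_config()
{
  local -a entries=()
  local entry ip port base remote_cmd

  # Take host and port from the same line. The earlier "grep $ip" lookup
  # matched substrings (10.0.0.1 also hit 10.0.0.11) and could return
  # several ports at once.
  mapfile -t entries < <(awk '/^[^#]/{print $1, $2}' all_client.txt)

  # ssh hands its arguments to the remote shell as one string, so the path
  # components are shell-quoted here; ~/ stays unquoted for tilde expansion.
  base=$(basename -- "${file}")
  printf -v remote_cmd 'sudo rsync ~/%q %q' "$base" "$remote_dir"

  for entry in "${entries[@]}"; do
    read -r ip port <<<"$entry"
    [[ -n "$ip" ]] || continue
    # A line without a port column used to produce a bare "-P"; use 22.
    port=${port:-22}

    if scp -P "$port" -r -p -- "${file}" "linuxidc@${ip}:~" >/dev/null 2>&1 \
      && ssh -p "$port" -t "linuxidc@${ip}" "$remote_cmd" >/dev/null 2>&1; then
      action "$ip send $file is successful!!" /bin/true
    else
      action "$ip send $file is failed!!" /bin/false
    fi
  done
}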
# Phase 1: install the SSH key on every host in all_client.txt.
FENFA_id_dsa
# Phase 2: copy $file to every host and rsync it into $remote_dir.
# This runs even for hosts where phase 1 reported a failure.
FENFA_config
