IT博客汇
  • 首页
  • 精华
  • 技术
  • 设计
  • 资讯
  • 扯淡
  • 权利声明
    • 登录 注册

    ssh自动互信

    summer发表于 2016-06-27 01:00:15
    love 0

    一、脚本说明

    1、在任意节点上,以root用户执行该脚本

    2、脚本中的数组变量:

    1)array_user:控制要进行互信的用户,该脚本中使用的是(root,highgo)

    2)array_node:控制要互信的节点的hostname

    3)需要在执行脚本的当前目录下创建log目录,以存放互信过程中的日志

    4)该脚本中,用户密码均为123456

    二、脚本内容

    #!/bin/bash

    array_user=(root highgo)
    #array_user=(highgo)
    array_node=(gtm gtm_standby node1 node2)

    function expect_root {
    /usr/bin/expect << EOF
       spawn /usr/bin/ssh {1}@{2}
       expect {
         "yes/no" {send "yes\r"; exp_continue}
         "*assword:" {send "123456\r"}
       }
     
       expect {
         "*#" {
           send "/usr/bin/ssh-keygen -t rsa\r";
             expect {
               "*id_rsa):" {send "\n"; exp_continue}
               "(y/n)?" {send "y\r"; exp_continue}
               "passphrase" {send "\n"; exp_continue}
               "again:" {send "\n"}
             }
         }
       }
       expect {
         "*#" {
           send "/usr/bin/scp {3}/.ssh/id_rsa.pub root@gtm :/opt/ssh/id_{1}_{2}.pub\r";
             expect {
               "yes/no" {send "yes\r"; exp_continue}
               "*assword:" {send "123456\r"}
             }
         }
       }
       expect {
         "*#" {send "exit\n\r"}   
       }
    EOF
    }

    function expect_user {
    /usr/bin/expect << EOF
       spawn /usr/bin/ssh {1}@{2}
       expect {
         "yes/no" {send "yes\r"; exp_continue}
         "*assword:" {send "123456\r"}
       }
       expect {
         "] " {
           send "/usr/bin/ssh-keygen -t rsa\r";
             expect {
               "*id_rsa):" {send "\n"; exp_continue}
               "(y/n)?" {send "y\r"; exp_continue}
               "passphrase" {send "\n"; exp_continue}
               "again:" {send "\n"}
             }
         }
       }   
       expect {
         "] " {
           send "/usr/bin/scp {3}/.ssh/id_rsa.pub root@gtm :/opt/ssh/id_{1}_{2}.pub\r";
             expect {
               "yes/no" {send "yes\r"; exp_continue}
               "*assword:" {send "123456\r"}
             }
         }
       }
       expect {
         "] " {send "exit\n\r"}
       }
    EOF
    }

    function expect_to {
    /usr/bin/expect << EOF
      spawn /usr/bin/scp /opt/ssh/authorized_keys {1}@{2}:{3}/.ssh/
      expect {
        "yes/no" {send "yes\r"; exp_continue}
        "*assword:" {send "123456\r"}
      }   
      expect "100%"
    EOF
    }

    for user in `echo {array_user[@]}`
    do
      for node in `echo {array_node[@]}`
      do
        touch /opt/ssh/id_{user}_{node}.pub
        cat /dev/null > /opt/ssh/id_{user}_{node}.pub
            if [ "{user}" = "root" ]; then
              user_home=/root
              expect_root {user} {node} {user_home} > ./log/create_{user}_{node}.log 2>&1
            else
              user_home=/home/{user}
              expect_user {user} {node} {user_home} > ./log/create_{user}_{node}.log 2>&1
            fi;        
        done;
    done;

    cat /dev/null > /opt/ssh/authorized_keys
    cat /opt/ssh/id_*.pub > /opt/ssh/authorized_keys
    for user in `echo {array_user[@]}`
    do
      for node in `echo {array_node[@]}`
      do
            if [ "{user}" = "root" ]; then
              user_home=/root
            else
              user_home=/home/{user}
            fi;
            expect_to {user} {node} {user_home} > ./log/to_{user}_{node}.log 2>&1
      done;
    done;



沪ICP备19023445号-2号
友情链接