批量部署ssh私钥认证以及pssh工具使用方法

来源：互联网发布：法师dpro雾化器数据编辑：程序博客网时间：2024/05/02 04:41

在日常工作中，批量管理服务器是个力气活，如果人工一台一台处理，效率低下。此时，老外写的pssh工具实现了批量管理。http://www.theether.org/pssh/

它的原理是先建立ssh私钥认证，然后用pssh工具批量管理。

下面，我写了一个批量部署ssh私钥认证的脚本。

batch_sshkey.sh
==============================================================

#!/bin/bash

cd /root

cat /root/.ssh/id_rsa.pub > /root/.ssh/authorized_keys

for i in `cat ip.txt`
do
ip=$(echo "$i"|cut -f1 -d":")
password=$(echo "$i"|cut -f2 -d":")

expect -c "
spawn scp /root/.ssh/authorized_keys /root/remote_operate.sh  root@$ip:/tmp/
        expect {
                \"*yes/no*\" {send \"yes\r\"; exp_continue}
                \"*password*\" {send \"$password\r\"; exp_continue}
                \"*Password*\" {send \"$password\r\";}
        }
"

expect -c "
spawn ssh root@$ip "/tmp/remote_operate.sh"
        expect {
                \"*yes/no*\" {send \"yes\r\"; exp_continue}
                \"*password*\" {send \"$password\r\"; exp_continue}
                \"*Password*\" {send \"$password\r\";}
        }
"

done

============================================================

ip.txt（前面是IP，后面是密码，用冒号：分割）

192.168.8.23:123456
192.168.8.24:456789

============================================================

remote_operate.sh

#!/bin/bash

if [ ! -d /root/.ssh ];then
mkdir /root/.ssh
fi
cp /tmp/authorized_keys /root/.ssh/

==========================================================

运行batch_sshkey.sh即可。

下面介绍PSSH工具使用方法，使用很简单：

# yum install *python*

# tar zxvf pssh-1.4.3.tar.gz

# cd pssh-1.4.3

# python setup.py install

# 批量执行hostname命令
# pssh -h other.txt -l root -i hostname
[1] 16:08:36 [SUCCESS] 192.168.110.122 22
hadoop-namenode
[2] 16:08:36 [SUCCESS] 192.168.110.123 22
hadoop-secondnamenode
[3] 16:08:36 [SUCCESS] 192.168.110.203 22
EnvFactoryServer203
[4] 16:08:36 [SUCCESS] 192.168.110.202 22
EnvFactoryServer202
[5] 16:08:36 [SUCCESS] 192.168.251.43 22
SC-HOST-43
[6] 16:08:36 [SUCCESS] 192.168.251.42 22
SC-HOST-42
[7] 16:08:36 [SUCCESS] 192.168.0.106 22
PSA-Host-106
[8] 16:08:36 [SUCCESS] 192.168.0.105 22
PSA-HOST-105
[9] 16:08:36 [SUCCESS] 192.168.110.138 22
hadoop-datanode3
[10] 16:08:36 [SUCCESS] 192.168.110.252 22
zhuanxiang.liuxin
[11] 16:08:36 [SUCCESS] 192.168.110.137 22
hadoop-datanode2
[12] 16:08:36 [SUCCESS] 192.168.110.140 22
hadoop-datanode5
[13] 16:08:36 [SUCCESS] 192.168.110.139 22
hadoop-datanode4
[14] 16:08:36 [SUCCESS] 192.168.110.213 22
SiteA-APP-01
[15] 16:08:36 [SUCCESS] 192.168.110.141 22
hadoop-datanode6
[16] 16:08:36 [SUCCESS] 192.168.0.100 22
SC-Host-100
[17] 16:08:36 [SUCCESS] 192.168.110.124 22
hadoop-datanode1
[18] 16:08:37 [SUCCESS] 192.168.0.101 22
SC-Host-101

# 批量拷贝本地文件nrpe.tgz到远端服务器
# pscp -h other.txt -l root /home/soft/nrpe.tgz /usr/local/
[1] 16:11:21 [SUCCESS] 192.168.110.123 22
[2] 16:11:22 [SUCCESS] 192.168.251.43 22
[3] 16:11:23 [SUCCESS] 192.168.110.202 22
[4] 16:11:23 [SUCCESS] 192.168.110.140 22
[5] 16:11:23 [SUCCESS] 192.168.110.138 22
[6] 16:11:25 [SUCCESS] 192.168.110.203 22
[7] 16:11:25 [SUCCESS] 192.168.110.213 22
[8] 16:11:26 [SUCCESS] 192.168.0.101 22
[9] 16:11:26 [SUCCESS] 192.168.110.122 22
[10] 16:11:27 [SUCCESS] 192.168.0.105 22
[11] 16:11:28 [SUCCESS] 192.168.110.139 22
[12] 16:11:28 [SUCCESS] 192.168.110.141 22
[13] 16:11:28 [SUCCESS] 192.168.0.100 22
[14] 16:11:28 [SUCCESS] 192.168.110.124 22
[15] 16:11:29 [SUCCESS] 192.168.110.137 22
[16] 16:11:29 [SUCCESS] 192.168.0.106 22
[17] 16:11:30 [SUCCESS] 192.168.110.252 22
[18] 16:11:30 [SUCCESS] 192.168.251.42 22

# more other.txt
192.168.0.100
192.168.0.101
192.168.251.42
192.168.251.43
192.168.0.105
192.168.0.106
192.168.110.213
192.168.110.122
192.168.110.123
192.168.110.124
192.168.110.137
192.168.110.138
192.168.110.139
192.168.110.140
192.168.110.141
192.168.110.252
192.168.110.202
192.168.110.203

本文出自 “贺春旸的技术专栏” 博客，请务必保留此出处http://hcymysql.blog.51cto.com/5223301/891361