ssh-keygen免密登录
来源:互联网 发布:linux查看db2数据库 编辑:程序博客网 时间:2024/05/21 21:42
#!/bin/bash#Function:Script will automatically generate the current login account of the public key to send to#multiple remote hosts, in order to achieve the purpose of this machine SSH free login multiple remote host#Usage:bash ssh-login-withoutpasswd.sh#Date:2016/8#Author:Jian#运行该脚本前,请先安装expect,否则脚本运行不成功,原理:将本机产生的公钥id_rsa.pub用scp传输至远程服务器#的家目录下的.ssh目录中便可实现本机(注意是用本机产生公钥的账号)登陆远程主机的目的#需要注意的是要将远程主机各个家目录下的.ssh:chmod 700,其下面的文件全部:chmod 600#在centos,rhel及ubuntu测试通过,如果成功将本机公钥传输到远程主机却不能免密登陆,请检查远程主机的selinux和iptables#需要的话,可自行添加日志相关代码check_hosts_on () {ping_out=`mktemp ping.XXXXXX`hosts_online=`mktemp hosts_online.XXXXXX`cd $current_dirfor ip in $(cat hostnamelist|awk -F : '{print $1}')doping -c1 -w1 $ip >/dev/null && echo "$ip is up" || echo "$ip is down"done>>$ping_outfor ip_online in $(cat $ping_out|grep "up"|awk '{print $1}')dogrep "$ip_online" hostnamelist >> $hosts_onlinedone}authorized_file_transfer () {#enter the directory where hostnamelist is located#the hostnamelist file has a target host IP address that needs to be delivered#save format as ipaddr:username:password,eg:192.168.1.10:root:123456,note that do not leave spacescd $current_dirfor remote_infor in `cat $hosts_online`doremote_ip_addr=`echo "$remote_infor" | awk -F : '{print $1}'`remote_username=`echo "$remote_infor" | awk -F : '{print $2}'`remote_password=`echo "$remote_infor" | awk -F : '{print $3}'`expect << EOFset timeout 10spawn ssh -o StrictHostKeyChecking=no $remote_username@$remote_ip_addrset timeout 10expect "$remote_username@$remote_ip_addr's password:"set timeout 10send "$remote_password\r"set timeout 10expect {"*#*" {send "mkdir -p ~/.ssh\r"}"*\$*" {send "mkdir -p ~/.ssh\r"}}set timeout 10expect {"*#*" {send "scp -o StrictHostKeyChecking=no $local_username@$local_ip_addr:$HOME/.ssh/id_rsa.pub ~/.ssh/authorized_keys_from_$local_ip_addr\r"}"*\$*" {send "scp -o StrictHostKeyChecking=no $local_username@$local_ip_addr:$HOME/.ssh/id_rsa.pub ~/.ssh/authorized_keys_from_$local_ip_addr\r"}}set timeout 10expect "$local_username@$local_ip_addr's password:"set timeout 10send "$local_host_passwd\r"set timeout 10expect {"*#*" {send "cat ~/.ssh/authorized_keys_from_$local_ip_addr >> ~/.ssh/authorized_keys\r"}"*\$*" {send "cat ~/.ssh/authorized_keys_from_$local_ip_addr >> ~/.ssh/authorized_keys\r"}}set timeout 10expect {"*#*" {send "chmod 700 ~/.ssh && chmod 600 ~/.ssh/* && rm -f ~/.ssh/authorized_keys_from_$local_ip_addr\r"}"*\$*" {send "chmod 700 ~/.ssh && chmod 600 ~/.ssh/* && rm -f ~/.ssh/authorized_keys_from_$local_ip_addr\r"}}set timeout 10expect {"*#*" {send "chown -R $remote_username: ~/.ssh\r"}"*\$*" {send "chown -R $remote_username: ~/.ssh\r"}}set timeout 10expect {"*#*" {send "exit\r"}"*\$*" {send "exit\r"}}set timeout 10expect eofEOFdone}create_authorized_file () {#using ssh-keygen to generate the key, the path is the default path, the empty passwordif [ -d ~/.ssh ];thenssh-keygen -t rsa -P '' -f ~/.ssh/id_rsaelsemkdir -p ~/.sshssh-keygen -t rsa -P '' -f ~/.ssh/id_rsafi}#get local IP addresslocal_ip_addr=`/sbin/ifconfig -a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}'|tr -d "addr:"|head -1`local_host_passwd="123456"#get the user name of the current login userlocal_username=`whoami`#get the directory where the current run script is locatedcurrent_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"cd $current_dir#first determine whether the host list file existsif [ -f hostnamelist ]; then#detect which hosts online, which offlinecheck_hosts_onif grep "down" $ping_out >/dev/null; thenecho "Warning:$(sed -n '/down/p' $ping_out|wc -l) hosts offline:"sed -n '/down/p' $ping_outecho "$(sed -n '/up/p' $ping_out|wc -l) hosts online:"sed -n '/up/p' $ping_outelseecho "The hosts in the hostnamelist are all online!"fiif [ -f ~/.ssh/id_rsa ] && [ -f ~/.ssh/id_rsa.pub ]; thenauthorized_file_transferchown -R $local_username: ~/.ssh/chmod 600 ~/.ssh/*chmod 700 ~/.sshrm -f $ping_outrm -f $hosts_onlineexit 0elsecreate_authorized_fileauthorized_file_transferchown -R $local_username: ~/.ssh/chmod 600 ~/.ssh/*chmod 700 ~/.sshrm -f $ping_outrm -f $hosts_onlineexit 0fielseecho "Error:the important file 'hostnamelist' has been lost"echo "Now,creat it,but you still write something inside,the format is as follows:"touch hostnamelistecho "remote_ip_addr:remote_user_name:remote_host_password"exit 0fi
0 0
- ssh-keygen免密登录
- SSH使用ssh-keygen免密码登录
- 使用SSH-Keygen免密登录远端服务器
- ssh-keygen和ssh-copy-id实现免密登录远程主机
- SSH使用ssh-keygen 远程登录主机免输入密码
- SSH使用ssh-keygen远程登录主机免输入密码
- ssh-keygen配合ssh_config免密码登录VPS
- ssh-keygen配合ssh_config免密码登录VPS
- ssh-keygen生成公私钥免密码登录远程服务器
- ssh 免密登录
- ssh免密登录
- SSH免密登录
- SSH免密登录
- SSH免密登录
- ssh免密登录
- SSH免密登录
- ssh免密登录
- ssh免密登录
- 7_11_B题 Stealing Harry Potter's Precious(BFS+暴搜)
- XCode编译速度慢的处理方法
- Jfinal整合Beetl
- CSS常见的行内元素和块元素
- 模式识别之统计判决
- ssh-keygen免密登录
- 竞赛真理_rqnoj160_dfs||dp
- 剑指offer-动态规划算法
- linux0.11 bootsect.s 分析
- TestWindowClose匿名内部类实现Adapter
- 响应式Viewport详解
- MAC帧与PPP帧的区别
- 【模板】两多边形交并面积模板
- PowerDesigner16.5使用总结