ssh自动互信

54 阅读 0 评论 36 点赞

我是靠谱客的博主阳光烧鹅，最近开发中收集的这篇文章主要介绍ssh自动互信，觉得挺不错的，现在分享给大家，希望可以做个参考。

概述

2019独角兽企业重金招聘Python工程师标准>>>

一、脚本说明

1、在任意节点上，以root用户执行该脚本

2、脚本中的数组变量：

1）array_user：控制要进行互信的用户，该脚本中使用的是（root，highgo）

2）array_node：控制要互信的节点的hostname

3）需要在执行脚本的当前目录下创建log目录，以存放互信过程中的日志

4）该脚本中，用户密码均为123456

二、脚本内容

#!/bin/bash

array_user=(root highgo)
#array_user=(highgo)
array_node=(gtm gtm_standby node1 node2)

function expect_root {
/usr/bin/expect << EOF
   spawn /usr/bin/ssh ${1}@${2}
   expect {
     "yes/no" {send "yesr"; exp_continue}
     "*assword:" {send "123456r"}
   }

   expect {
     "*#" {
       send "/usr/bin/ssh-keygen -t rsar";
         expect {
           "*id_rsa):" {send "n"; exp_continue}
           "(y/n)?" {send "yr"; exp_continue}
           "passphrase" {send "n"; exp_continue}
           "again:" {send "n"}
         }
     }
   }
   expect {
     "*#" {
       send "/usr/bin/scp ${3}/.ssh/id_rsa.pub root@gtm :/opt/ssh/id_${1}_${2}.pubr";
         expect {
           "yes/no" {send "yesr"; exp_continue}
           "*assword:" {send "123456r"}
         }
     }
   }
   expect {
     "*#" {send "exitnr"}
   }
EOF
}

function expect_user {
/usr/bin/expect << EOF
   spawn /usr/bin/ssh ${1}@${2}
   expect {
     "yes/no" {send "yesr"; exp_continue}
     "*assword:" {send "123456r"}
   }
   expect {
     "]$ " {
       send "/usr/bin/ssh-keygen -t rsar";
         expect {
           "*id_rsa):" {send "n"; exp_continue}
           "(y/n)?" {send "yr"; exp_continue}
           "passphrase" {send "n"; exp_continue}
           "again:" {send "n"}
         }
     }
   }
   expect {
     "]$ " {
       send "/usr/bin/scp ${3}/.ssh/id_rsa.pub root@gtm :/opt/ssh/id_${1}_${2}.pubr";
         expect {
           "yes/no" {send "yesr"; exp_continue}
           "*assword:" {send "123456r"}
         }
     }
   }
   expect {
     "]$ " {send "exitnr"}
   }
EOF
}

function expect_to {
/usr/bin/expect << EOF
spawn /usr/bin/scp /opt/ssh/authorized_keys ${1}@${2}:${3}/.ssh/
expect {
"yes/no" {send "yesr"; exp_continue}
"*assword:" {send "123456r"}
}
expect "100%"
EOF
}

for user in `echo ${array_user[@]}`
do
for node in `echo ${array_node[@]}`
do
    touch /opt/ssh/id_${user}_${node}.pub
    cat /dev/null > /opt/ssh/id_${user}_${node}.pub
       if [ "${user}" = "root" ]; then
          user_home=/root
          expect_root ${user} ${node} ${user_home} > ./log/create_${user}_${node}.log 2>&1
       else
          user_home=/home/${user}
          expect_user ${user} ${node} ${user_home} > ./log/create_${user}_${node}.log 2>&1
       fi;
   done;
done;

cat /dev/null > /opt/ssh/authorized_keys
cat /opt/ssh/id_*.pub > /opt/ssh/authorized_keys
for user in `echo ${array_user[@]}`
do
for node in `echo ${array_node[@]}`
do
       if [ "${user}" = "root" ]; then
          user_home=/root
       else
          user_home=/home/${user}
       fi;
       expect_to ${user} ${node} ${user_home} > ./log/to_${user}_${node}.log 2>&1
done;
done;