1.creat Managment Certification on Mangar Server
SSH-KEYGEN-T RSA
2.creat Client certification on client
SSH-KEYGEN-T RSA
3.Copy certification from Server to Client and change name "Authorized_keys"
Scp/root/.ssh/id_rsa.pub 192.168.1.xx1:/root/.ssh/authorized_keys
Scp/root/.ssh/id_rsa.pub 192.168.1.xx2:/root/.ssh/authorized_keys
Mark: pls backup the public RSA key to other server
4.install password creater "expect"
Yum-y Install expect Expect-devel
+++++++++++++++mkpasswd++++++++++++++++++++++++++++
mkpasswd [args] [user]
Where arguments is:
-L # (length of password, default = 10)
-D # (min # of digits, default = 2)
-C # (min # of lowercase chars, default = 2)
-C # (min # of uppercase chars, default = 2)
-S # (min # of special chars, default = 1)
-V (verbose, show passwd interaction)
-P Prog (program to set password, default = passwd)
+++++++++++++++mkpasswd++++++++++++++++++++++++++++
5.vi/root/.ssh/ip_list.txt
192.168.1.xx1
192.168.1.xx2
192.168.1.xx3
...
6.vi/root/.ssh/changepassword.sh
+++++++++++++++changepassword.sh++++++++++++++++++++++++++++
#!/bin/bash
For IP in ' cat/root/.ssh/ip_list.txt ' #input client IP address
Do
Tmp_pwd= ' mkpasswd-l 10-c 3-c 2-d 2 '
R_pwd= ' echo ${tmp_pwd} '
echo "${tmp_pwd}" >. R_pwd.txt
If [$ = 0]; Then
SSH $IP passwd root--stdin <. R_pwd.txt
Echo-e "$ (date" +%y-%m-%d%h:%m:%s ") \t${ip}\t${r_pwd}\t" >> R_server.log
Else
Echo-e "$ (date" +%y-%m-%d%h:%m:%s ") \t${ip} r_pwd.txt is create Fail\tplease check!\t"
Fi
If [$ = 0]; Then
Echo-e "$ (date" +%y-%m-%d%h:%m:%s ") \tthe ${ip} passwd is modify Ok\t"
Else
Echo-e "$ (date" +%y-%m-%d%h:%m:%s ") \tthe ${ip} passwd is modify Fail\tplease check!\t"
Fi
Done
echo "+++++++++++++ip and Password list+++++++++++++++++"
Cat R_server.log
Rm. R_pwd.txt-f
+++++++++++++++changepassword.sh++++++++++++++++++++++++++++
7.modify the X Right
cd/root/.ssh/
chmod 777 changepassword.sh
8.run it
./changepassword.sh
Linux-remote Change Password (more)