Applicable scenarios:
One of the popular automation operations: Ansible is based on SSH communication. Therefore, before using ansible, you need to resolve the SSH communication problem between the Ansible server and each managed node first. The first method is to use the user name and password to SSH communication, the password needs to be stored in plaintext in the ansible hosts file, there is a security breach of the password. The second method is to implement password-free SSH communication based on the key, so you need to send your own public key to all managed nodes first.
The following script can automatically send public keys to multiple remote hosts without interaction. Scripts are written in Python 2.7 and need to be installed with the Pexpect module, installation method:easy_install pexpect
You can modify the remote host list, the remote host user, the SSH port number, and the public key path to be sent as needed:
#!/usr/bin/env python#coding: utf-8import pexpectimport sysimport osdef PutPublicKey (Publickey,user,servers,port): for server in servers: child = pexpect.spawn ("/usr/bin/ssh-copy-id -p % s -i %s %[email protected]%s " % (port,publickey,user,server)) index = child.expect (["yes/no", "password", "exist", Pexpect.exceptions.EOF, pexpect. TIMEOUT]) if index != 0 and index != 1: print ("No public key is uploaded to%s "% (server)) child.close (force=True) else: print ("Start uploading public key to%s"% (server)) Child.sendline ("Yes") child.expect (" Password ") child.sendline (" 12345 ") child.expect ("added") print ("The public key has been uploaded to%s"% (server)) print print ("Task Execution complete") if __name__ == ' __main__ ': user = "root" #指定远程主机用户名 servers = ["LB1", "lb2"] #指定远程主机列表 port = "2222" #指定远程主机的ssh端口 publickey = "/home/ansible/.ssh/id_rsa.pub" #指定要上传的公钥 #如果指定的公钥不存在, auto-Create if not Os.path.exists (PublicKey): direname = Os.path.dirname (PublicKey) print ("The specified public key does not exist, the private key and public key are automatically generated, the path is: %s "% (Direname)) child = pexpect.spawn (" ssh-keygen -t rsa -p " -f %s/id_rsa" % (direname)) child.expect (Pexpect.exceptions.EOF) child.close (force=true) print ("generated private key and public key ") print putpublickey ( Publickey,user,servers,port)
Effect:
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/8D/51/wKiom1iXRwrB16gUAAAaLaUu8VE243.png "title=" B.png " alt= "Wkiom1ixrwrb16guaaaalauu8ve243.png"/>
Use Python scripts to send SSH public keys to multiple hosts in bulk