Using Ssh-copy-id to replicate public keys to multiple servers

Source: Internet
Author: User

In the system operation, it is possible to avoid the password through SSH login to the remote host, then the first need to copy the local public key to the remote host, with the Ssh-copy-id command can be easily done.

If a key pair is not generated, the key is generated before the public key is copied to the remote host, USERNAEM is the user name of the remote host, and host is the IP address or domain name of the remote host.

#生成密钥
SSH-KEYGEN-T RSA
#复制公钥到远程主机ssh-copy-id [email protected]

For a single remote host, direct use of the command is possible, but if there are many hosts, need a station operation, it is time-consuming and laborious. So what's the best way to replicate the public key to all hosts at once? To solve this problem, you need to automatically handle the two processes that require manual intervention when executing the Ssh-copy-id command.

One is to enter "Yse" to confirm when you see a prompt similar to the following.

The authenticity of host ' 10.10.5.133 (10.10.5.133) ' can ' t be established. RSA Key fingerprint is SHA256:anhO4ihOzEsun0zDRNAu8Wew9Bxntr7Di6qpJVAnXFQ.Are your sure you want to continue connecting (ye s/no)?

Second, you need to enter the password of the remote host

To solve the first problem, you can modify the configuration file or run the Ssh-copy-id command plus SSH related parameters.

#-O stricthostkeychecking=no, no public key acknowledgement when connecting to a new host
Ssh-copy-id-o stricthostkeychecking=no [email protected]

Or, in the current user directory of the. ssh/config file, add the following configuration item, if the. SSH directory does not have a config file, you can create it yourself.

Stricthostkeychecking=no

Then to solve the second problem, install the Sshpass command, in Ubuntu can be installed directly with the Apt-get command, under the CentOS, please Google search installation method, here does not explain.

Apt-get Install Sshpass

By installing the Sshpass command, you can run the command below without manual intervention to copy the SSH public key to the remote host.

Sshpass-p ' Your_password ' ssh-copy-id-o stricthostkeychecking=no [email protected]

If you use the Modify configuration file, the following command is available.

Sshpass-p ' lsu_201401 ' ssh-copy-id [email protected]

After solving the above two problems, the next thing is simple, you can log the remote host domain name or IP address in a file, such as recorded in the Remote-hosts file, run the following script will be able to bulk copy the public key to the remote host.

For host in $ (cat remote-hosts) do    sshpass-p ' Your_password ' ssh-copy-id-o stricthostkeychecking=no [email protected ]${host}done

Note: The above script is the remote host password is the same, in the command line password hard-coded write dead, if each host's password is not the same, you can record the password in the Remote-hosts file, through the Cut command division, you can obtain the host's IP address or domain name and corresponding password, Of course, if the port number of SSH is not the default 22, it can be recorded together. As in the following format:

10.10.10.10:2222:yourpassword

You can modify the above script a little bit:

For host in $ (cat remote-hosts) do   ip=$ (Echo ${host} | cut-f1-d ":")   port=$ (Echo ${host} | Cut-f2-d ":")   password=$ (Echo ${host} | cut-f3-d ":")   sshpass-p ${password} ssh-copy-id-p ${port}-o stricthostkeychecking=no [email protected]${ip}done

  

  

  

 

Using Ssh-copy-id to replicate public keys to multiple servers

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.