Shell script +expect deploying SSH in bulk
First, the preparation of work and ideas
1, three machines to do experiments (centos6.5, ip:192.168.0.22 (master control), 192.168.0.156, 192.168.0.157)
2,ip:22 this one control machine, the other 2 do the client.
3. Create the public key in advance on the main control machine, install the expect, and use the script to push the SSH public key in bulk.
4, this deployment is the following operation as Root.
Ii. Formal Deployment
1, first to wear a secret key
[email protected]. ssh]# ssh-keygen-t RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/ROOT/.SSH/ID_RSA):
Enter passphrase (empty for no passphrase):
Enter same Passphrase again:
Your identification has been saved In/root/.ssh/id_rsa.
Your public key has been saved in/root/.ssh/id_rsa.pub.
The key fingerprint is:
A3:08:AB:02:BF:7B:12:7D:D9:8F:9C:A9:67:38:53:A1 [email protected]
The key ' s Randomart image is:
+--[RSA 2048]----+
.
.. +s.
. .. O.. E.O.
.......+ =
.. O. + B.
o o=. *
+-----------------+
2, create a scripts in the root directory to hold script files and ip.txt files
[Email protected]/]# mkdir scripts
[Email protected]/]# CD scripts/
[email protected] scripts]# Touch ip.txt
3, then edit the script file and ip.txt content in the scripts directory:
[email protected] scripts]# cat fenfa.sh
#!/bin/bash
#date: 2018-04-11
#author Tony
#批量ssh认证建立
For P in $ (cat/scripts/ip.txt)
Do
Ip=$ (echo "$p" |cut-f1-d ":")
Password=$ (echo "$p" |cut-f2-d ":")
expect -c " spawn ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]$ip expect { \"*yes/no*\" {send \"yes\r\"; exp_continue} \"*password*\" {send \"$password\r\"; exp_continue} \"*Password*\" {send \"$password\r\";} } " done for h in $(cat /scripts/ip.txt|cut -f1 -d":") do ssh [email protected]$h ‘ ifconfig ‘ #如果命令是多行的,请参照下面
192.168.0.156:hwg123
192.168.0.157:hwg123
4, the last script can be executed
[Email protected] scripts]# sh fenfa.sh
Spawn ssh-copy-id-i/root/.ssh/id_rsa.pub [email protected]
Now try logging to the machine, with "ssh" [email protected] ' ", and check in:
. Ssh/authorized_keys
To make sure we haven ' t added extra keys so you weren ' t expecting.
Spawn ssh-copy-id-i/root/.ssh/id_rsa.pub [email protected]
Now try logging to the machine, with "ssh" [email protected] ' ", and check in:
. Ssh/authorized_keys
To make sure we haven ' t added extra keys so you weren ' t expecting.
Eth0 Link encap:ethernet HWaddr 00:50:56:21:da:f4
inet addr:192.168.0.156 bcast:192.168.0.255 mask:255.255.255.0
Inet6 ADDR:FE80::250:56FF:FE21:DAF4/64 Scope:link
Up broadcast RUNNING multicast mtu:1500 metric:1
RX packets:58225 errors:0 dropped:0 overruns:0 frame:0
TX packets:351 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3662557 (3.4 MiB) TX bytes:45504 (44.4 KiB)
Lo Link encap:local Loopback
inet addr:127.0.0.1 mask:255.0.0.0
Inet6 addr::: 1/128 scope:host
Up LOOPBACK RUNNING mtu:16436 metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Eth0 Link encap:ethernet HWaddr 00:50:56:35:d4:31
inet addr:192.168.0.157 bcast:192.168.0.255 mask:255.255.255.0
Inet6 ADDR:FE80::250:56FF:FE35:D431/64 Scope:link
Up broadcast RUNNING multicast mtu:1500 metric:1
RX packets:228313 errors:0 dropped:0 overruns:0 frame:0
TX packets:6336 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:22630600 (21.5 MiB) TX bytes:443245 (432.8 KiB)
Lo Link encap:local Loopback
inet addr:127.0.0.1 mask:255.0.0.0
Inet6 addr::: 1/128 scope:host
Up LOOPBACK RUNNING mtu:16436 metric:1
RX packets:19 errors:0 dropped:0 overruns:0 frame:0
TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1292 (1.2 KiB) TX bytes:1292 (1.2 KiB)
Of course, this is relatively low, there is time to improve again later.
Using shell script +expect to deploy SSH in bulk