全自动化建立SSH信任
发表于:2024-11-24 作者:热门IT资讯网编辑
编辑最后更新 2024年11月24日,#! /bin/sh#远程主机1(源主机)src_host=$1src_user=$2src_passwd=$3#远程主机2(目标主机)dst_host=$4dst_user=$5dst_passwd
#! /bin/sh#远程主机1(源主机)src_host=$1src_user=$2src_passwd=$3#远程主机2(目标主机)dst_host=$4dst_user=$5dst_passwd=$6src_pub=/root/.ssh/id_rsa.pub#在远程主机1上生成公钥Keygen(){ expect << EOF spawn ssh $src_user@$src_host "test -f /root/.ssh/id_rsa.pub || echo CheckFalse " expect { "password:" { send "$src_passwd\n" } eof { exit } } expect CheckFalse { exit 11 } EOF if [ $? -ne 11 ];thenecho -n "公钥已经存在,将直接拷贝……" elseecho -n "公钥不存在,开始创建……" expect << EOFspawn ssh $src_user@$src_host "ssh-keygen -t rsa "while {1} { expect { "password:" { send "$src_passwd\n" } "yes/no*" { send "yes\n" } "Enter file in which to save the key*" { send "\n" } "Enter passphrase*" { send "\n" } "Enter same passphrase again:" { send "\n" } "Overwrite (y/n)" { send "n\n" } eof { exit } } }EOFfi}#从远程主机1上拷贝公钥到远程主机2上Get_pub (){ expect << EOF spawn scp $src_user@$src_host:$src_pub $dst_user@$dst_host:/root/.ssh/$src_host expect { "password:" { send "$src_passwd\n";exp_continue } "password:" { send "$dst_passwd\n";exp_continue } "yes/no*" { send "yes\n";exp_continue } eof { exit } } EOF}#在远程主机2上将内容追加到authorized_keysPut_pub(){ expect << EOF spawn ssh $dst_user@$dst_host "mkdir -p /root/.ssh;chmod 700 /root/.ssh;cat /root/.ssh/$src_host >> /root/.ssh/authorized_keys;chmod 600 /root/.ssh/authorized_keys" expect { "password:" { send "$dst_passwd\n";exp_continue } "yes/no*" { send "yes\n";exp_continue } eof{ exit } }EOF}KeygenGet_pubPut_pub使用格式:
./ssh-turst.sh 192.168.1.1 root 123456 192.168.1.2 root 123456
当然也可以把这些主机IP,用户名,密码写入到一个config.ini文件里
192.168.1.1 root 123456 192.168.1.2 root 123456
192.168.1.1 root 123456 192.168.1.3 root 123456
然后使用xargs命令
xargs -n6 ./ssh-trush.ssh < config.file