#!/bin/bash
password="liwanliang"
#1.
echo "为每个节点创建公密钥对..."
for node in node{061..065}
do
echo "${node}开始操作"
expect -c "
set timeout 1
log_user 0
spawn ssh root@${node}
expect {
\"*yes/no*\" { send \"yes\r\"; exp_continue }
\"*password:*\" { send \"${password}\r\"; exp_continue }
}
expect \"\#\"
send \"ssh-keygen -t rsa -f ~/.ssh/id_rsa -P \'\'\r\"
expect \"\# \"
send \"exit\r\"
log_user 1
"
echo "${node}操作成功!"
done
#2.
echo "拷贝所有节点的公钥到本地的一个文件"
for node in node{061..065}
do
echo "${node}开始操作"
expect -c "
log_user 0
spawn scp root@${node}:/root/.ssh/id_rsa.pub ./${node}.pub
expect {
\"*password:\" { send \"${password}\r\"; exp_continue}
}
log_user 1
"
echo "${node}操作成功"
done
echo "合并公钥文件..."
cat *.pub >> authorized_keys
echo "分发公钥文件..."
for node in node{061..065}
do
echo "${node}开始操作"
expect -c "
log_user 0
spawn scp ./authorized_keys root@${node}:/root/.ssh/
expect {
\"*password:\" { send \"${password}\r\"; exp_continue}
}
spawn ssh root@${node}
expect \"\# \"
send \"chmod 600 /root/.ssh/authorized_keys\r\"
expect \"\# \"
send \"exit\r\"
log_user 1
"
echo "${node}操作成功"
done
echo "修改authorized_keys权限..."
for node in node{062..065}
do
echo "${node}开始操作"
ssh ${node} chmod 600 /root/.ssh/authorized_keys
echo "${node}操作成功"
done
echo "分发ssh_config文件..."
for node in node{062..065}
do
echo "${node}开始操作"
scp /etc/ssh/ssh_config root@${node}:/etc/ssh/ssh_config
echo "${node}操作成功"
done
echo "删除pub文件"
rm -rf *.pub authorized_keys
当节点需要取消ssh登陆一些提示信息时,修改/etc/ssh/ssh_config
,添加
Host *
SSAPIAuthentication no
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
LogLevel quiet
上述是让每个节点都创建自己的公私密钥对,属于比较复杂的情况。
如果仅使用同一套,只需要传输.ssh,ssh_config文件就可以了
标签:node,shell,send,echo,expect,root,ssh From: https://www.cnblogs.com/liwanliangblog/p/18521904