Loading

一键SSH免密脚本

大型项目一键SSH免密脚本

#!/usr/bin/env bash
root=$(
        cd $(dirname $0)/..
        pwd
      )
source ${root}/dragonrc

read -p "请您输入主机用户:" user
if [ -z $user ];then
echo
echo -e "\033[1;32;31m警告:您输入的用户名为空!\033[0m"
echo
exit 0
fi
read -p "请您输入主机密码:" mima
if [ -z $mima ];then
echo
echo -e "\033[1;32;31m警告:您第一次输入的密码为空!\033[0m"
echo
exit 0
fi
read -p "请您再次输入密码:" queren
if [ -z $queren ];then
echo
echo -e "\033[1;32;31m警告:您第二次输入的密码为空!\033[0m"
echo
exit 0
fi
if [ $mima == $queren ];then

echo "您输入的密码为:$queren" && sleep 1

echo "正在为您创建密钥对儿,请您注意" && sleep 1

else

echo
echo -e "\033[1;32;31m不好意思~您两次输入的密码不匹配,请您重新输入!\033[0m"
echo

read -p "请您输入主机用户:" user
if [ -z $user ];then
echo
echo -e "\033[1;32;31m警告:您输入的用户名为空!\033[0m"
echo
exit 0
fi
read -p "请您输入主机密码:" mima
if [ -z $mima ];then
echo
echo -e "\033[1;32;31m警告:您第一次输入的密码为空!\033[0m"
echo
exit 0
fi
read -p "请您再次输入密码:" queren
if [ -z $queren ];then
echo
echo -e "\033[1;32;31m警告:您第二次输入的密码为空!\033[0m"
echo
exit 0
fi
if [ $mima == $queren ];then

echo "您输入的密码为:$queren"

echo "正在为您创建密钥对儿,请您注意" && sleep 1

else

echo
echo -e "\033[1;32;31m抱歉~您两次输入的密码不匹配,请您重新执行脚本!\033[0m"
echo

exit 1

fi

fi

> /root/.ssh/authorized_keys

if [ -f /root/.ssh/id_rsa.pub ];then

echo "您的主机已经有密钥对儿了,不需要再次创建"

else
ssh-keygen -t rsa -P "" -f ~/.ssh/id_rsa

fi

rpm -q sshpass &> /dev/null

if [ $? -ne 0 ];then

rpm -ivh ${root}/rpm/other/sshpass-1.06-2.el7.x86_64.rpm &> /dev/null

echo "StrictHostKeyChecking no" > /root/.ssh/config

echo "UserKnownHostsFile=/dev/null" >> /root/.ssh/config

else

echo "StrictHostKeyChecking no" > /root/.ssh/config

echo "UserKnownHostsFile=/dev/null" >> /root/.ssh/config

fi

IFS=',' read -r -a all_nodes <<<"${ALL_NODES}"
for ip in "${all_nodes[@]}"; do

sshpass -p $queren ssh-copy-id $user@$ip &> /dev/null

ssh $user@$ip "pwd" &> /dev/null

if [ $? -eq 0 ];then

echo "$ip is add successful"

else

echo "$ip is failure"

fi

done
ansible ${OTHER_NODES} -m shell -a "rm -rf /root/.ssh/id_rsa*"
ansible ${OTHER_NODES} -m shell -a "ssh-keygen -t rsa -P \"\" -f ~/.ssh/id_rsa"

echo -e "\033[5;32;31m温馨提示:主机双向互信ing...\033[0m"
IFS=',' read -r -a nodes <<<"${OTHER_NODES}"
for oip in "${nodes[@]}"; do
ssh -T $user@$oip cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
done
ansible dragon -m copy -a "src=/root/.ssh/authorized_keys dest=/root/.ssh/authorized_keys"
echo -e "\033[1;32;31m双向互信已完成!\033[0m"


posted @ 2020-11-10 23:27  高宏宇  阅读(409)  评论(0编辑  收藏  举报