Linux pssh安装与使用
第一章 Linux pssh安装与使用
说明:我这是没有在密钥认证的情况下操作
1、安装pssh
[root@libin ansible]# yum install -y pssh
[root@libin ansible]# rpm -ql pssh
/usr/bin/pnuke
/usr/bin/prsync
/usr/bin/pscp
/usr/bin/pslurp
/usr/bin/pssh
/usr/bin/pssh-askpass
2、使用pssh
[root@libin ansible]# man pssh
[root@libin ansible]# cat hosts.txt
192.168.124.134
192.168.124.132
[root@libin ansible]# pssh -h hosts.txt hostname
[1] 19:13:21 [SUCCESS] 192.168.124.132
[2] 19:13:21 [SUCCESS] 192.168.124.134
[root@libin ansible]# pssh -h hosts.txt "hostname > /tmp/libin.txt" #追加到 /tmp/libin.txt
[1] 19:16:32 [SUCCESS] 192.168.124.132
[2] 19:16:32 [SUCCESS] 192.168.124.134
[root@libin ansible]# cat /tmp/libin.txt
libin.com
-i:执行命令时,将标准错误的和标准输出的信息都显示出来
-p:同一时间并发去执行命令,指定最大的并发数量
-A:输入用户的密码
[1] 19:38:32 [SUCCESS] 192.168.124.134
wlcome to study redhat-linux
libin3.com
[2] 19:38:32 [SUCCESS] 192.168.124.132
libin.com
[root@libin ansible]# pssh -A -ih hosts.txt ls -l /tmp/
3、使用pscp
[root@libin ansible]# pscp -h hosts.txt /etc/hosts /tmp/ #将客户端的/etc/hosts拷贝到/tmp/下
[1] 19:43:36 [FAILURE] 192.168.124.134 Exited with error code 1
[2] 19:43:36 [SUCCESS] 192.168.124.132
[root@libin ansible]# pssh -h hosts.txt ls -l /tmp/
[1] 19:45:19 [SUCCESS] 192.168.124.132
[2] 19:45:19 [SUCCESS] 192.168.124.134
[root@libin ansible]# pssh -ih hosts.txt ls -l /tmp/ #查看/tmp/目录下的所有文件
=========================================
第二章 批量管理:ssh秘钥认证:(免密码登录 互信,私钥(钥匙)和公钥(锁头))
(1)把公钥发到服务器
在一台机器上可用管理和控制其他机器
secureCRT /xshell/ssh秘钥认证/pssh
1、创建公钥
[root@libin ansible]# ssh-keygen #(默认为RSA类型,已经比较过时)
[root@libin ansible]# ssh-keygen -t dsa #-t:指定类型
Generating public/private dsa key pair. #生成一对公钥,私钥
Enter file in which to save the key (/root/.ssh/id_dsa): 私钥位置 #默认存放的目录为/root/.ssh/id_dsa,ll -a 查看所有隐藏的文件
Enter passphrase (empty for no passphrase): 设置密码
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:yQiMcqnRlhBguTI5uApgP8hv+z2upk6/eXmbHZSNFvI root@libin.com
The key's randomart image is:
+---[DSA 1024]----+
|=o. |
|.+ = |
|+.O o . . |
|BO . o .o = |
|*+o . S E . |
|oo o o |
|o ... . . |
|. .o..o+ .o . |
| o+=*=ooo.. |
+----[SHA256]-----+
[root@libin ansible]# ll /root/.ssh/
总用量 24
-r--------. 1 root root 1584 2月 22 2022 authorized_keys
-rw------- 1 root root 668 9月 25 20:10 id_dsa
-rw-r--r-- 1 root root 604 9月 25 20:10 id_dsa.pub
2、发送公钥到各个服务器
[root@libin ansible]# ssh-copy-id -i /root/.ssh/id_dsa.pub root@172.168.124.134 #-i:指定公钥位置 ,-f :指定私钥位置
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_dsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
[root@libin ansible]# ssh 192.168.124.134 hostname #连接服务器执行一个命令,检查
Warning: Permanently added '192.168.124.134' (ECDSA) to the list of known hosts.
wlcome to study redhat-linux
libin3.com
3、sshpass(专门用来给ssh相关的命令提供密码)
[root@libin ansible]# sshpass -p123456 ssh root@192.168.124.134 hostname #-p:指定一个密码
Warning: Permanently added '192.168.124.134' (ECDSA) to the list of known hosts.
wlcome to study redhat-linux
libin3.com
第三章 非交互式创建密钥对
[root@libin ansible]# rm -fr /root/.ssh/id_rsa* #清除密钥对
[root@libin ansible]# ssh-keygen -t dsa -f /root/.ssh/id_dsa -P "" #-t:指定密钥类型, -f:指定私钥 -P:指定密码,这里意思是空密码
[root@libin ansible]# fo i in {132..134};do sshpass -p123456 ssh-copy-id -i /root/.ssh/id_rsa.pub -o StrictHostKeyChecking=no root@192.168.124.$i;done #利用for循环下发私钥
ssh 自动维护并检查一个身份数据库, 它包含所有(成功)来访的主机的身份数据. 主机密钥存放在用户根目录下的 $HOME/.ssh/known_hosts文件中. 另外, SSH 自动检查 /etc/ssh/ssh_known_hosts 里面已知的主机. 任何新主机将被自动添加到用户文件中.如果某个主机的身份发生改变, ssh 就会发出警告, 并且关闭对它的密码认证, 以防止特洛伊木马窃取用户密码.这个机制的另一个目的是防止中间人攻击, 否则这种攻击可能会绕过加密系统.StrictHostKeyChecking
选项用来防止登录到主机密钥不能识别或发生改变的那些机器.
[root@libin ansible]# for i in {1..5} #例子:for循环的用法
> do
> echo $i www.baidu.com
> done
1 www.baidu.com
2 www.baidu.com
3 www.baidu.com
4 www.baidu.com
5 www.baidu.com
================================================================
