shell编程-ssh免交互批量分发公钥脚本

脚本基本原理

1、控制端免交互创建私钥和公钥:

1 ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ""

2、免交互发送公钥

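# `sshpass -e` takes the password from the SSHPASS environment variable, which
# must be exported beforehand. Unlike `-p`, the password then never appears in
# the argument list of the running process.
# The ssh option and the target stay in one quoted word, as in the original command.
sshpass -e ssh-copy-id -i /root/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no user@172.25.0.21"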

sshpass              # 非交互式地向ssh提供密码。注意:-p 把密码直接写在命令行上,执行期间可能被同机其他用户通过进程列表看到,也会留在shell历史里;sshpass 还支持 -e(从环境变量SSHPASS读取)和 -f(从文件读取)。

-o StrictHostKeyChecking=no # 不提示确认,ssh会自动把新主机的密钥添加到用户的known_hosts文件中。注意:这样首次连接时不会校验主机密钥,无法发现被冒充的主机;在不可信的网络中应先核对主机指纹,或预先把已核实的主机密钥写入known_hosts。

更多参数可以参考man ssh_config

ssh-copy-id        # 本质上是调用ssh命令,进行远程拷贝公钥的一个脚本,其中值得关注的是脚本中的“shift”,它能够将传参的参数依次向前推进。

 

 1 which ssh-copy-id
 2 /usr/bin/ssh-copy-id
  以下为shift在ssh-copy-id命令中使用的典型代码
# Excerpt from the ssh-copy-id script: handling of the optional "-i <identity file>" argument.
if [ "-i" = "$1" ]; then
  # Drop "-i" so that the next argument becomes $1.
  shift
  # check if we have 2 parameters left, if so the first is the new ID file
  if [ -n "$2" ]; then
    # Accept the identity file with or without the ".pub" suffix; ID_FILE always ends in ".pub".
    if expr "$1" : ".*\.pub" > /dev/null ; then
      ID_FILE="$1"
    else
      ID_FILE="$1.pub"
    fi
    shift         # and this should leave $1 as the target name
  fi
else
  # No "-i": if SSH_AUTH_SOCK is non-empty and `ssh-add -L` succeeds, append "ssh-add -L" to GET_ID.
  # NOTE(review): GET_ID is presumably the command list later run to obtain the public key(s) - not visible in this excerpt.
  if [ x$SSH_AUTH_SOCK != x ] && ssh-add -L >/dev/null 2>&1; then
    GET_ID="$GET_ID ssh-add -L"
  fi
fi

 

以下为shift示例代码,能够帮助理解shift将参数依次向前推进的含义

 1 cat shift_test.sh 
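#!/bin/bash
# Print the remaining positional parameters, then drop the first one,
# repeating until none are left.
until [ "$#" -eq 0 ]; do
    # Quoted so that an argument such as '*' is printed literally instead of
    # being expanded against the current directory.
    echo "$*"
    shift
done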
 7 bash shift_test.sh 1 2 3 4 5
 8 1 2 3 4 5
 9 2 3 4 5
10 3 4 5
11 4 5
12 5

 

ssh免交互分发公钥的脚本

脚本功能:

1、能够输入选项 -h/--help查看帮助

2、不输入参数进行默认分发

3、可以指定主机的IP或者可以被解析的主机名进行分发

4、提示输出友好

5、能够自动检测已经分发了的主机,分发过了的就不再重复分发

6、代码尽量简洁

7、指定多个主机进行批量分发

 

效果示例1:帮助

 

效果示例2:默认分发、指定一个主机分发

 

 效果示例3:指定多个主机同时进行批量分发

 

源码如下:

  1 #!/bin/bash
  2 # mzy 2019-09-22 Add Features
  3 # another: 梅钟园  4 # contact QQ:359462962
  5 export PATH=/bin:$PATH
  6 
# Print the usage text of batchsent.sh.
# Arguments: none
# Outputs:   the help text on stdout; the command synopsis is wrapped in ANSI
#            colour escapes
function output_help(){
    # One argument per output line; %b expands the \t and \e escapes the same
    # way `echo -e` does.
    printf '%b\n' \
        'Usage :' \
        '' \
        '--help|-h\tget command help.' \
        '\te.g:batchsent.sh --help' \
        '' \
        'command public key distribution:' \
        '\t\e[40;32;1mbatchsent.sh [ip/hostname]\e[0;0;0m' \
        '' \
        'example:' \
        '\te.g:batchsent.sh 192.168.0.1' \
        '\tor use default batchsent public key:' \
        '\te.g:batchsent.sh' \
        '' \
        'explanation:' \
        '\t1.hostname needs to be able to be resolved IP address.' \
        '\t2.Run this script need to have root privileges.' \
        '\t3.The current system needs to be able to use yum install sshpass software.'
}
 11 
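# Reject targets that are obviously wrong before they reach ping or ssh.
# Arguments: $1 - IPv4 address or host name supplied by the caller
# Outputs:   on rejection, one error line followed by the usage text
#            (output_help) on stdout
# Returns:   0 if $1 is a dotted-quad IPv4 address with every octet in 0-255,
#            or a host name that answers ping; 1 otherwise
function check_ip_format(){
    local ip=$1
    local octet
    local problem=""
    local -r safe_re='^[A-Za-z0-9][A-Za-z0-9._-]*$'
    local -r numeric_re='^[0-9.]+$'
    local -r quad_re='^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$'

    if [[ ! ${ip} =~ ${safe_re} ]];then
        # The value is later placed on ping/ssh command lines, so whitespace,
        # shell metacharacters or a leading "-" must never get that far.
        problem=malformed
    elif [[ ${ip} =~ ${numeric_re} ]];then
        # Digits and dots only: it has to be exactly four octets, each 0-255.
        if [[ ${ip} =~ ${quad_re} ]];then
            for octet in "${BASH_REMATCH[@]:1}";do
                # 10# forces base 10 so an octet like "08" is not read as octal.
                (( 10#${octet} <= 255 )) || problem=malformed
            done
        else
            problem=malformed
        fi
    elif ! ping -c 3 -- "${ip}" >/dev/null 2>&1;then
        # Anything else is treated as a host name; it must resolve and answer ping.
        problem=unreachable
    fi

    # The target is passed as a %s argument so it is printed verbatim and never
    # interpreted as escape sequences.
    case ${problem} in
    "")
        return 0
        ;;
    malformed)
        printf '\e[40;31;1merror\e[0;0;0m:this host(%s) ip---\e[40;31;1mThere are obvious errors\e[0;0;0m\n' "${ip}"
        ;;
    unreachable)
        printf '\e[40;31;1merror\e[0;0;0m:this host(%s) name---\e[40;31;1mcan not be resolved\e[0;0;0m\n' "${ip}"
        ;;
    esac
    output_help
    return 1
}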
 36 
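# Copy root's public key to one host unless key-based login already works.
# Globals:   SSHPASS (read) - password of root on the target; when unset, the
#            listing's placeholder password "template" is used
# Arguments: $1 - IP address or host name of the target
# Outputs:   one status line for the host on stdout
# Returns:   0 if key login already works or the key was copied, 1 otherwise
function sent_pub_key(){
    local ip=$1

    # NOTE(review): StrictHostKeyChecking=no accepts whatever host key is
    # presented on first contact, so an impersonated host is not detected.
    # Where that matters, put verified host keys into known_hosts beforehand.

    # BatchMode=yes disables password prompting, so this login only succeeds
    # when key authentication is already in place - no dummy password needed.
    if ssh -o BatchMode=yes -o StrictHostKeyChecking=no "root@${ip}" hostname >/dev/null 2>&1;then
        printf '%s \tpublic keys \e[40;34;1malready exist\e[0;0;0m,can be used normally.\n' "${ip}"
        return 0
    fi

    if ! ping -c 3 -- "${ip}" >/dev/null 2>&1;then
        printf '%s \tthis host(%s) is \e[40;31;1mnot online\e[0;0;0m\n' "${ip}" "${ip}"
        return 1
    fi

    # `sshpass -e` reads the password from the environment instead of the
    # argument list, where it could be seen in the process table.
    # NOTE(review): a password embedded in the script is readable by anyone who
    # can read the script; prefer exporting SSHPASS from a root-only source.
    # The ssh option and the target stay in ONE quoted word, as the original
    # call passed them. NOTE(review): the quoted ssh-copy-id excerpt treats what
    # follows the identity file as a single target name, which presumably is why
    # - confirm against the installed ssh-copy-id.
    if SSHPASS="${SSHPASS:-template}" sshpass -e ssh-copy-id -i /root/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no root@${ip}" >/dev/null 2>&1;then
        printf '%s \tpublic keys \e[40;32;1msent successfully\e[0;0;0m,can be used normally.\n' "${ip}"
        return 0
    fi

    # Report a failed copy instead of claiming success unconditionally.
    printf '%s \tpublic keys \e[40;31;1msent failed\e[0;0;0m,check the password and the sshd settings of this host.\n' "${ip}"
    return 1
}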
 53 
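# Distribute the public key to the built-in default host list.
# Arguments: none
# Outputs:   whatever sent_pub_key prints for each host
# Returns:   status of the last sent_pub_key call
function default_batch_sent_pub_key(){
    # Declared local so the loop does not overwrite a caller's ip_addr.
    local ip_addr
    for ip_addr in 172.16.0.{31,41,51,71,5,6,7,8,9};do
        sent_pub_key "${ip_addr}"
    done
}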
 60 
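# Distribute the public key to the single host named by the caller.
# Arguments: $1 - IP address or host name
# Outputs:   whatever sent_pub_key prints for the host
# Returns:   status of sent_pub_key
function batch_sent_pub_key(){
    local ip_addr=$1
    # Quoted so the target always reaches sent_pub_key as exactly one argument.
    sent_pub_key "${ip_addr}"
}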
 66 
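# Make sure sshpass is available, installing it with yum when it is not.
# Arguments: none
# Outputs:   an error line on stdout when the installation fails
# Returns:   0 when sshpass is available; exits the script with status 1 when
#            the installation fails
function check_sshpass(){
    # Look sshpass up on PATH rather than at one fixed location, so a copy
    # installed elsewhere does not trigger a needless (and possibly failing)
    # yum run.
    command -v sshpass >/dev/null 2>&1 && return 0

    # NOTE(review): this installs a package non-interactively from whatever
    # repositories the host has configured, with all output discarded.
    if ! yum install -y sshpass >/dev/null 2>&1;then
        echo -e "\e[40;31;1merror\e[0;0;0m:install sshpass failed,check to see if the current user has root privileges."
        exit 1
    fi
}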
 77 
# Print the usage text and stop the script when help was requested.
# Arguments: $1 - first command-line argument
# Outputs:   the help text (output_help) when $1 is --help or -h
# Returns:   0 when $1 is not a help option; otherwise exits with status 1
function check_help_args(){
    args=$1
    if [ "${args}" = "--help" ] || [ "${args}" = "-h" ];then
        output_help
        exit 1
    fi
}
 92 
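# Distribute the key to one target, handling --help/-h through check_help_args.
# The page's author considers this variant the more complex one and does not
# recommend it.
# Arguments: $1 - help option, IP address or host name
# Outputs:   whatever the called helpers print
# Returns:   0 when nothing was distributed, otherwise the status of
#            batch_sent_pub_key; exits with status 1 when help was requested
function exec_batch_sent_by_check_help_args(){
    # Every expansion is quoted: the argument comes straight from the command
    # line and must reach the helpers as exactly one word, without globbing.
    check_help_args "$1"
    if [ $# -eq 1 ] && check_ip_format "$1";then
        batch_sent_pub_key "$1"
    fi
}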
104 
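# Distribute the key to one target, or print the help text for --help/-h.
# The page's author recommends this variant as the simpler one.
# Arguments: $1 - help option, IP address or host name
# Outputs:   the help text, or whatever the called helpers print
# Returns:   0 when called with anything but exactly one argument or when the
#            target is rejected; otherwise the status of the last helper run
function exec_batch_sent_by_if_statment(){
    [ $# -eq 1 ] || return 0

    # "$1" is quoted everywhere: an empty argument or one containing whitespace
    # would otherwise break the comparison and be split before validation.
    case "$1" in
    --help|-h)
        output_help
        ;;
    *)
        if check_ip_format "$1";then
            batch_sent_pub_key "$1"
        fi
        ;;
    esac
}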
119 
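# Make sure root's RSA key pair exists, generating it when it does not.
# Arguments: none
# Outputs:   ssh-keygen's own output, plus an error line on stdout on failure
# Returns:   0 when both key files exist or were generated, 1 otherwise
function check_the_generated_keys(){
    local -r key=/root/.ssh/id_rsa

    if [ -f "${key}" ] && [ -f "${key}.pub" ];then
        return 0
    fi

    # -N "" leaves the private key unencrypted: whoever can read it can log in
    # as root on every host the public key was distributed to.
    # stdin comes from /dev/null so that an "Overwrite (y/n)?" question (only
    # one of the two files present) fails at once instead of blocking the run.
    if ssh-keygen -t rsa -f "${key}" -N "" </dev/null;then
        return 0
    fi

    # The message names the step that failed (key generation, not sshpass).
    echo -e "\e[40;31;1merror\e[0;0;0m:generate ssh key pair failed,check to see if the current user has root privileges."
    return 1
}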
134 
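# main
# The prerequisites are checked once, not once per argument.
check_sshpass
check_the_generated_keys || exit 1

if [ $# -eq 0 ];then
    # No arguments: distribute to the built-in default host list.
    default_batch_sent_pub_key
else
    # Each argument is handled as one target; quoting keeps an argument with
    # whitespace or glob characters intact until it has been validated.
    for target in "$@";do
        exec_batch_sent_by_if_statment "${target}"
    done
fi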

 

 
posted @ 2019-10-22 13:12  Repetition_Maximum