shell编程-ssh免交互批量分发公钥脚本

脚本基本原理

1、控制端免交互创建秘钥和公钥:

1 ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ""

2、免交互发送公钥

1 sshpass -ppassword ssh-copy-id -i /root/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no user@172.25.0.21"

sshpass              # 非交互式SSH密码提供

-o StrictHostKeyChecking=no # 不提示,ssh将自动添加新的主机密钥用户已知主机文件。

更多参数可以参考man ssh_config

ssh-copy-id        # 本质上是调用ssh命令,进行远程拷贝公钥的一个脚本,其中值得关注的是脚本中的“shift”,它能够将传参的参数依次向前推进。

 

 1 which ssh-copy-id
 2 /usr/bin/ssh-copy-id
  以下为shift在ssh-copy-id命令中使用的典型代码
3 if [ "-i" = "$1" ]; then 4 shift 5 # check if we have 2 parameters left, if so the first is the new ID file 6 if [ -n "$2" ]; then 7 if expr "$1" : ".*\.pub" > /dev/null ; then 8 ID_FILE="$1" 9 else 10 ID_FILE="$1.pub" 11 fi 12 shift # and this should leave $1 as the target name 13 fi 14 else 15 if [ x$SSH_AUTH_SOCK != x ] && ssh-add -L >/dev/null 2>&1; then 16 GET_ID="$GET_ID ssh-add -L" 17 fi 18 fi

 

以下为shift示例代码,能够加助理解shift将参数依次向前推进的含义

 1 cat shift_test.sh 
 2 #!/bin/bash
 3 until [ $# -eq 0 ];do
 4     echo $*
 5     shift
 6 done
 7 bash shift_test.sh 1 2 3 4 5
 8 1 2 3 4 5
 9 2 3 4 5
10 3 4 5
11 4 5
12 5

 

ssh免交互分发公钥的脚本

脚本功能:

1、能够输入选项 -h/--hlep查看帮助

2、不输入参数进行默认分发

3、可以指定主机的IP或者可以被解析的主机名进行分发

4、提示输出友好

5、能够自动检测已经分发了的主机,分发过了的就不再重复分发

6、代码尽量简洁

7、指定多个主机进行批量分发

 

效果示例1:帮助

 

效果示例2:默认分发、指定一个主机分发

 

 效果示例3:指定多个主机同时进行批量分发

 

源码如下:

  1 #!/bin/bash
  2 # mzy 2019-09-22 Add Features
  3 # another: 梅钟园  4 # contact QQ:359462962
  5 export PATH=/bin:$PATH
  6 
  7 # output command help manual
  8 function output_help(){
  9     echo -e "Usage :\n\n--help|-h\tget command help.\n\te.g:batchsent.sh --help\n\ncommand public key distribution:\n\t\e[40;32;1mbatchsent.sh [ip/hostname]\e[0;0;0m\n\nexample:\n\te.g:batchsent.sh 192.168.0.1\n\tor use default batchsent public key:\n\te.g:batchsent.sh\n\nexplanation:\n\t1.hostname needs to be able to be resolved IP address.\n\t2.Run this script need to have root privileges.\n\t3.The current system needs to be able to use yum install sshpass software."
 10 }
 11 
 12 # Check whether the IP address or host name of the obvious error
 13 function check_ip_format(){
 14     ip=$1
 15     echo ${ip} |sed -r 's#([0-9]+).#\1#g' |test -n "`sed -n '/^[0-9][0-9]*$/p'`" >/dev/null 2>&1
 16     if [ $? -eq 0 ];then
 17         count=`echo ${ip}|sed -r 's#([0-9]+).#\1\n#g'|grep -v '^$' | wc -l`
 18         if [ ${count} -eq 4 ];then
 19             return 0
 20         else
 21             echo -e "\e[40;31;1merror\e[0;0;0m:this host(${ip}) ip---\e[40;31;1mThere are obvious errors\e[0;0;0m"
 22             output_help
 23             return 1
 24         fi
 25     else
 26         ping -c 3 ${ip} >/dev/null 2>&1
 27         if [ $? -eq 0 ];then
 28             return 0
 29         else
 30             echo -e "\e[40;31;1merror\e[0;0;0m:this host(${ip}) name---\e[40;31;1mcan not be resolved\e[0;0;0m"
 31             output_help            
 32             return 1
 33         fi
 34     fi
 35 }
 36 
 37 # Single IP or host public key distribution
 38 function sent_pub_key(){
 39     ip=$1
 40     sshpass -prewqrewsdsds ssh "-o StrictHostKeyChecking=no" root@${ip} hostname >/dev/null 2>&1
 41     if [ $? -eq 0 ];then
 42         echo -e "${ip} \tpublic keys \e[40;34;1malready exist\e[0;0;0m,can be used normally."
 43     else
 44         ping -c 3 ${ip} >/dev/null 2>&1
 45         if [ $? -eq 0 ];then
 46             sshpass -ptemplate ssh-copy-id -i /root/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no root@${ip}" >/dev/null 2>&1
 47             echo -e "${ip} \tpublic keys \e[40;32;1msent successfully\e[0;0;0m,can be used normally."
 48         else
 49             echo -e "${ip} \tthis host(${ip}) is \e[40;31;1mnot online\e[0;0;0m"
 50         fi
 51     fi
 52 }
 53 
 54 # define default host
 55 function default_batch_sent_pub_key(){
 56     for ip_addr in 172.16.0.{31,41,51,71,5,6,7,8,9};do
 57         sent_pub_key ${ip_addr}
 58     done
 59 }
 60 
 61 # default ip or host public key distribution
 62 function batch_sent_pub_key(){
 63     ip_addr=$1
 64     sent_pub_key ${ip_addr}
 65 }
 66 
 67 # check the packages needed
 68 function check_sshpass(){
 69     if [ ! -f /usr/bin/sshpass ];then
 70         yum install -y sshpass >/dev/null 2>&1
 71         if [ $? -ne 0 ];then
 72             echo -e "\e[40;31;1merror\e[0;0;0m:install sshpass failed,check to see if the current user has root privileges."
 73             exit 1
 74         fi
 75     fi
 76 }
 77 
 78 # check -h or --help args
 79 function check_help_args(){
 80     args=$1
 81     case ${args} in
 82     "--help")
 83         output_help
 84         exit 1
 85         ;;
 86     "-h")
 87         output_help
 88         exit 1
 89         ;;
 90     esac
 91 }
 92 
 93 # The implementation of public key distribution by check_help_args function
 94 # In this way the code is more complex, not recommended
 95 function exec_batch_sent_by_check_help_args(){
 96     check_help_args $1
 97     if [ $# -eq 1 ];then
 98         check_ip_format $1
 99         if [ $? -eq 0 ];then
100             batch_sent_pub_key $1
101         fi
102     fi
103 }
104 
105 # The implementation of public key distribution by if statment
106 # Such code simpler, recommended
107 function exec_batch_sent_by_if_statment(){
108     if [ $# -eq 1 ];then
109         if [ $1 == '--help' ] || [ $1 == '-h' ];then
110             output_help
111         else
112             check_ip_format $1
113             if [ $? -eq 0 ];then
114                 batch_sent_pub_key $1
115             fi
116         fi
117     fi
118 }
119 
120 # Check the generated keys
121 function check_the_generated_keys(){
122     if [ -f /root/.ssh/id_rsa -a -f /root/.ssh/id_rsa.pub ];then
123         return 0
124     else
125         ssh-keygen -t rsa -f /root/.ssh/id_rsa -N ""
126         if [ $? -eq 0 ];then
127             return 0
128         else
129             echo -e "\e[40;31;1merror\e[0;0;0m:install sshpass failed,check to see if the current user has root privileges."
130             return 1
131         fi
132     fi
133 }
134 
135 # main
136 if [ $# -eq 0 ];then
137     check_sshpass
138     check_the_generated_keys
139     if [ $? -eq 0 ];then
140         default_batch_sent_pub_key
141     else
142         exit 1
143     fi
144 else
145     until [ $# -eq 0 ];do
146         check_sshpass
147         check_the_generated_keys
148         if [ $? -eq 0 ];then
149             exec_batch_sent_by_if_statment $1
150         else
151             exit 1
152         fi
153         shift
154     done
155 fi

 

 
posted @ 2019-10-22 13:12  Repetition_Maximum  阅读(1205)  评论(0编辑  收藏  举报