实现免密登陆脚本远程主机将生成的密钥写入到目标主机
1. 脚本要求
-
通过shift读取脚本参数
-
通过select来选择功能.例如功能有
-
安装mysql
-
安装apache
-
免密钥登陆主机
-
备注 :当前只实现免密钥登陆主机
-
-
通过函数封装每个功能
-
将免密钥登陆的过程可以重复进行, while 循环实现重复,需要有退出过程。当用户输入exit时,退出免密钥功能。
-
支持输入一批主机免密钥,使用数组 实现
2. 实现脚本
#设置输出字体颜色 function color() { RES_COL=60 MOVE_TO_COL="echo -en \\033[${RES_COL}G" SETCOLOR_SUCCESS="echo -en \\033[1;32m" SETCOLOR_FAILURE="echo -en \\033[1;31m" SETCOLOR_WARNING="echo -en \\033[1;33m" SETCOLOR_NORMAL="echo -en \E[0m" echo -n "$1"&& $MOVE_TO_COL echo -n "[" if [ $2 = "success" -o $2 = "0" ] ;then ${SETCOLOR_SUCCESS} echo -n $" OK " elif [ $2 = "failure" -o $2 = "1" ] ;then ${SETCOLOR_FAILURE} echo -n $"FAILED" else ${SETCOLOR_WARNING} echo -n $"WARNING" fi ${SETCOLOR_NORMAL} echo -n "]" echo } #设置ssh免密有登录 function ssh_host(){ function execute(){ password="123456" while [ "$1" ] ;do expect <<EOF set timeout 20 spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$1\n expect { "yes/no" { send "yes\n";exp_continue } "password" { send "$password\n" } } expect "#" { send "exit\n" } expect eof EOF color $1 0 shift done } while true ;do declare -a ips while true ;do read -p "输入IP,q/Q退出:" ip [[ $ip =~ ^(q|Q)$ ]]&&break [[ $ip =~ ^(([1-9]?[0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]?[0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ ]]&&ips[${#ips[*]}]=$ip||{ echo "IP不合法,请重新输入";continue ; } done execute ${ips[*]} read -p "是否继续远程主机,输入q/Q退出,其他任意键继续!: " var [[ $var =~ ^q|Q$ ]]&&break done } #$1:ID,$2:softname function soft_install(){ if [ $1 = 'rocky' -o $1 = "centos" ] ;then yum -y install $2&&color "$1" 0||color "$1" 1 elif [ $1 = 'ubuntu' ] ;then apt update apt -y install $2&&color "$1" 0||color "$1" 1 else echo "不支持此系统" fi } #自动化菜单 function auto_script(){ . /etc/os-release sum=0 PS3="请选择(1-5): " select MENU in 安装mysql 安装apache 安装nginx 免密远程登录主机传输秘钥 退出;do case $REPLY in 1) soft_install $ID "mysql" ;; 2) soft_install $ID "httpd" ;; 3) soft_install $ID "nginx" ;; 4) ssh_host ;; 5) echo "退出" break ;; *) echo "选择有误,重新选择" ;; esac done } auto_script
3. 功能测试实现结果
[20:02:12 root@rocky8 ~]#bash test2.sh 1) 安装mysql 4) 免密远程登录主机传输秘钥 2) 安装apache 5) 退出 3) 安装nginx 请选择(1-5): 3 ......... Installed: nginx-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-all-modules-1:1.14.1-9.module_el8.0.0+184+e34fea82.noarch nginx-filesystem-1:1.14.1-9.module_el8.0.0+184+e34fea82.noarch nginx-mod-http-image-filter-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-mod-http-perl-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-mod-http-xslt-filter-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-mod-mail-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 nginx-mod-stream-1:1.14.1-9.module_el8.0.0+184+e34fea82.x86_64 Complete! rocky [ OK ] 请选择(1-5): ^C [20:27:10 root@rocky8 ~]#systemctl start nginx.service [20:27:56 root@rocky8 ~]#ps aux|grep nginx root 41890 0.0 0.1 119160 2176 ? Ss 20:27 0:00 nginx: master process /usr/sbin/nginx nginx 41891 0.0 0.4 151852 7948 ? S 20:27 0:00 nginx: worker process nginx 41892 0.0 0.4 151852 7948 ? S 20:27 0:00 nginx: worker process root 41897 0.0 0.0 12136 1068 pts/1 S+ 20:28 0:00 grep --color=auto nginx [20:28:19 root@rocky8 ~]#bash test2.sh 1) 安装mysql 4) 免密远程登录主机传输秘钥 2) 安装apache 5) 退出 3) 安装nginx 请选择(1-5): 2 Last metadata expiration check: 0:27:51 ago on Sun 14 Aug 2022 08:01:54 PM CST. Dependencies resolved. =================================================================================================================== Package Architecture Version Repository Size =================================================================================================================== Installing: httpd x86_64 2.4.37-43.module_el8.5.0+1022+b541f3b1 AppStream 1.4 M .................. Installed: apr-1.6.3-12.el8.x86_64 apr-util-1.6.1-6.el8.x86_64 apr-util-bdb-1.6.1-6.el8.x86_64 apr-util-openssl-1.6.1-6.el8.x86_64 centos-logos-httpd-85.8-2.el8.noarch httpd-2.4.37-43.module_el8.5.0+1022+b541f3b1.x86_64 httpd-filesystem-2.4.37-43.module_el8.5.0+1022+b541f3b1.noarch httpd-tools-2.4.37-43.module_el8.5.0+1022+b541f3b1.x86_64 mod_http2-1.15.7-3.module_el8.4.0+778+c970deab.x86_64 Complete! rocky [ OK ] 请选择(1-5): 请选择(1-5): 1 Last metadata expiration check: 0:29:39 ago on Sun 14 Aug 2022 08:01:54 PM CST. Dependencies resolved. =================================================================================================================== Package Architecture Version Repository Size =================================================================================================================== Installing: mysql x86_64 8.0.26-1.module_el8.4.0+915+de215114 AppStream 12 M ............ Installed: mariadb-connector-c-config-3.1.11-2.el8_3.noarch mysql-8.0.26-1.module_el8.4.0+915+de215114.x86_64 mysql-common-8.0.26-1.module_el8.4.0+915+de215114.x86_64 Complete! rocky [ OK ] 请选择(1-5): 4 输入IP,q/Q退出:192.168.100.30 输入IP,q/Q退出:192.168.100.132 输入IP,q/Q退出:192.168.0^H100.35 IP不合法,请重新输入 输入IP,q/Q退出:192.168.100.35 输入IP,q/Q退出:q test2.sh: line 33: expect: command not found 192.168.100.30 [ OK ] test2.sh: line 33: expect: command not found 192.168.100.132 [ OK ] test2.sh: line 33: expect: command not found 192.168.100.35 [ OK ] 是否继续远程主机,输入q/Q退出,其他任意键继续!: ^C #执行传输密码过程中报错,没有安装expect [20:42:35 root@rocky8 ~]#yum install expect -y Last metadata expiration check: 0:41:00 ago on Sun 14 Aug 2022 08:01:54 PM CST. Dependencies resolved. =================================================================================================================== Package Architecture Version Repository Size =================================================================================================================== Installing: expect x86_64 5.45.4-5.el8 BaseOS 267 k Installing dependencies: tcl x86_64 1:8.6.8-2.el8 BaseOS 1.1 M Transaction Summary =================================================================================================================== #继续做免密远程登录主机传输秘钥测试 [20:42:59 root@rocky8 ~]#bash test2.sh 1) 安装mysql 4) 免密远程登录主机传输秘钥 2) 安装apache 5) 退出 3) 安装nginx 请选择(1-5): 4 输入IP,q/Q退出:q^H IP不合法,请重新输入 输入IP,q/Q退出:192.168.100.30 输入IP,q/Q退出:192.168.100.132 输入IP,q/Q退出:192.168.100.35 输入IP,q/Q退出:q spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.100.30 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.100.30 (192.168.100.30)' can't be established. ECDSA key fingerprint is SHA256:K4j+vqe5fSV4uZTn4iU6lnzKVM+7YcOm9BoL1s8cg4Q. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.100.30's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.100.30'" and check to make sure that only the key(s) you wanted were added. expect: spawn id exp6 not open while executing "expect eof" 192.168.100.30 [ OK ] spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.100.132 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.100.132 (192.168.100.132)' can't be established. ECDSA key fingerprint is SHA256:YkW4G11Jri10FWzB7OHlq1himtNbAQ5A4TxQyAhnE+0. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.100.132's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.100.132'" and check to make sure that only the key(s) you wanted were added. expect: spawn id exp6 not open while executing "expect eof" 192.168.100.132 [ OK ] spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@192.168.100.35 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.100.35 (192.168.100.35)' can't be established. ECDSA key fingerprint is SHA256:7/2SwBVlOWCtHzA0GlHfmd+BzA3O6s8J4rmEn4Y/cy0. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@192.168.100.35's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@192.168.100.35'" and check to make sure that only the key(s) you wanted were added. expect: spawn id exp6 not open while executing "expect eof" 192.168.100.35 [ OK ] 是否继续远程主机,输入q/Q退出,其他任意键继续!:
- 查看验证其它主机是否获取密码
[20:47:45 root@localhost ~]#hostname -I 192.168.100.30 192.168.122.1 [20:47:55 root@localhost ~]#cat .ssh/ authorized_keys id_rsa id_rsa.pub known_hosts [20:47:55 root@localhost ~]#cat .ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDirZnQJQHMD9N/mpoMSGZ2ssygMhRQmnaWpDfsTg/qsfvqIRlTev6aedzC5O7xcOzUNqTtdUYIbtvU7bRQcPGShpyRx79ICXLF6OiZn16kckLjdTDQ2wq1oVbyPFo6X+CjtuW4rxmiaChkySugm5BmesKKlzr1rp/o0/Ivtj+Htc1kc4PBKoAglWrj8ym8yfVhH0nPjth27MjH076t3MHkAGCzWexzIjm3ExB+IiSag8mDpXeEWhyXsPLVRhxT1WqPu/A5yT/QLErNhn4L1vfsio6GBskylt/ynt0C+ONE9LBgzltDtk8Lu+fz1jHxoM42UIiXjPKxADrDYS60I2XNJWhGKH9gFsIhC6+POOCaTaI8z/fVAZzZ/Df4aDvkXlHSk5eDfDASIQ8Bi5fjXrPq1p0aDYB7X/v2jE9wiErjs4vbFhlIqDfE4B4eS7Gfm/b+yakGFZUFH4CFRl872m3cgXd/M9yWZLQ9bomF98b53YIoCijno9se/B50CJq0d9k= 192.168.100.31
[root@Centos8 ~]# hostname -I 192.168.100.132 [root@Centos8 ~]# cat .ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2zQBeNVDqNysGmByuW00OaZGKcJ8tCxk4EM7XywVEDJHskmurSjzKDWMI+G6Frh0/w/exU4JOMbPyvabzxDfv2yblTOi6VihUYHhxFRt/uNvI9fP96KzesFyb/r21vzDJtJX0uaxQPA49CXu3w3x7JexgSw2itd/p6Jwf8f53YYo9oz92RfVXb8qXg0rJae8Z8zOcuCsd9ok68QUkeJuhkedCuBclo/VGzXb0OSlzGloTPeJO89XseFITaOUjZgegSSYUZFIL12/y2CySQxL5nEwMshESRSQFp42nj8LlRhsU6sj0FgwqXjtwRW0ke+etQ040n85SxOTffCZQUQ4mt1KZ/Ua/BnfdpWvo5Xwbr94A3kGYCRXmrTXpPSlumw/yvdamidJ8g2SGJmn46I7geoOF5fb5M160HqpV2vi+TeBmnUDKDDvZ+oVJIT2pqk1H9IdrEKtFkwi9ElhwzttQJQy/oLFLJHgqbwc4CSP1U3JB+HiOoBDHKcQZfJeyuSE= 192.168.100.30 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDirZnQJQHMD9N/mpoMSGZ2ssygMhRQmnaWpDfsTg/qsfvqIRlTev6aedzC5O7xcOzUNqTtdUYIbtvU7bRQcPGShpyRx79ICXLF6OiZn16kckLjdTDQ2wq1oVbyPFo6X+CjtuW4rxmiaChkySugm5BmesKKlzr1rp/o0/Ivtj+Htc1kc4PBKoAglWrj8ym8yfVhH0nPjth27MjH076t3MHkAGCzWexzIjm3ExB+IiSag8mDpXeEWhyXsPLVRhxT1WqPu/A5yT/QLErNhn4L1vfsio6GBskylt/ynt0C+ONE9LBgzltDtk8Lu+fz1jHxoM42UIiXjPKxADrDYS60I2XNJWhGKH9gFsIhC6+POOCaTaI8z/fVAZzZ/Df4aDvkXlHSk5eDfDASIQ8Bi5fjXrPq1p0aDYB7X/v2jE9wiErjs4vbFhlIqDfE4B4eS7Gfm/b+yakGFZUFH4CFRl872m3cgXd/M9yWZLQ9bomF98b53YIoCijno9se/B50CJq0d9k= 192.168.100.31 [root@Centos8 ~]#
root@zxl:~# hostname -I 192.168.100.35 root@zxl:~# cat .ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC2zQBeNVDqNysGmByuW00OaZGKcJ8tCxk4EM7XywVEDJHskmurSjzKDWMI+G6Frh0/w/exU4JOMbPyvabzxDfv2yblTOi6VihUYHhxFRt/uNvI9fP96KzesFyb/r21vzDJtJX0uaxQPA49CXu3w3x7JexgSw2itd/p6Jwf8f53YYo9oz92RfVXb8qXg0rJae8Z8zOcuCsd9ok68QUkeJuhkedCuBclo/VGzXb0OSlzGloTPeJO89XseFITaOUjZgegSSYUZFIL12/y2CySQxL5nEwMshESRSQFp42nj8LlRhsU6sj0FgwqXjtwRW0ke+etQ040n85SxOTffCZQUQ4mt1KZ/Ua/BnfdpWvo5Xwbr94A3kGYCRXmrTXpPSlumw/yvdamidJ8g2SGJmn46I7geoOF5fb5M160HqpV2vi+TeBmnUDKDDvZ+oVJIT2pqk1H9IdrEKtFkwi9ElhwzttQJQy/oLFLJHgqbwc4CSP1U3JB+HiOoBDHKcQZfJeyuSE= 192.168.100.30 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDirZnQJQHMD9N/mpoMSGZ2ssygMhRQmnaWpDfsTg/qsfvqIRlTev6aedzC5O7xcOzUNqTtdUYIbtvU7bRQcPGShpyRx79ICXLF6OiZn16kckLjdTDQ2wq1oVbyPFo6X+CjtuW4rxmiaChkySugm5BmesKKlzr1rp/o0/Ivtj+Htc1kc4PBKoAglWrj8ym8yfVhH0nPjth27MjH076t3MHkAGCzWexzIjm3ExB+IiSag8mDpXeEWhyXsPLVRhxT1WqPu/A5yT/QLErNhn4L1vfsio6GBskylt/ynt0C+ONE9LBgzltDtk8Lu+fz1jHxoM42UIiXjPKxADrDYS60I2XNJWhGKH9gFsIhC6+POOCaTaI8z/fVAZzZ/Df4aDvkXlHSk5eDfDASIQ8Bi5fjXrPq1p0aDYB7X/v2jE9wiErjs4vbFhlIqDfE4B4eS7Gfm/b+yakGFZUFH4CFRl872m3cgXd/M9yWZLQ9bomF98b53YIoCijno9se/B50CJq0d9k= 192.168.100.31 root@zxl:~#
本文作者:天梯的脚印
本文链接:https://www.cnblogs.com/zxl1024320609/p/16586911.html
版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 2.5 中国大陆许可协议进行许可。
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步