shell与expect批量推送公钥
时间:2017-05-21 16:38 来源:潇湘夜雨 作者:华嵩阳 点击:次
介绍:通过shell结合expect实现批量推送公钥到自定IP范围的主机,以实现免密码登录
1、创建脚本
[root@localhost ~]# vim pushkey2.sh
#/bin/bash
#check expect
rpm -q expect &>/dev/null
if [ $? -ne 0 ]
then
yum -y install expect
fi
#check public key or create
if [ ! -f ~/.ssh/id_rsa ]
then
ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' #创建密钥
fi
#copy pub.key for host
IFS=$'\n'
for line in {128..129} #扫描制定的IP范围
do
{
ip=192.168.198.$line
user=root #设定用户名
password=123456 #设定密码
ping -c1 $ip &>/dev/null
if [ $? -eq 0 ] #如果主机存在才推送公钥
then
echo $ip
/usr/bin/expect <<-EOF
spawn ssh-copy-id $user@$ip #复制公钥
expect {
"yes/no" { send "yes\r"; exp_continue }
"password:" { send "$password\r" };
}
expect eof
EOF
echo "$ip have finished at ` date +%F-%T:%N`" |tee -a /root/pub.log #输出日志
fi
}&
done
echo "process is runing ..."
wait
2、执行脚本
[root@localhost ~]# bash pushkey2.sh
已加载插件:fastestmirror, security
设置安装进程
Loading mirror speeds from cached hostfile
epel/metalink | 5.6 kB 00:00
* base: centos.ustc.edu.cn
* epel: mirrors.ustc.edu.cn
* extras: centos.ustc.edu.cn
* updates: centos.ustc.edu.cn
base | 3.7 kB 00:00
epel | 4.3 kB 00:00
epel/primary_db | 5.9 MB 00:02
extras | 3.4 kB 00:00
extras/primary_db | 29 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 828 kB 00:00
解决依赖关系
--> 执行事务检查
---> Package expect.x86_64 0:5.44.1.15-5.el6_4 will be 安装
--> 处理依赖关系 libtcl8.5.so()(64bit),它被软件包 expect-5.44.1.15-5.el6_4.x86_64 需要
--> 执行事务检查
---> Package tcl.x86_64 1:8.5.7-6.el6 will be 安装
--> 完成依赖关系计算
依赖关系解决
===============================================================================================================================================================================================
软件包 架构 版本 仓库 大小
===============================================================================================================================================================================================
正在安装:
expect x86_64 5.44.1.15-5.el6_4 base 256 k
为依赖而安装:
tcl x86_64 1:8.5.7-6.el6 base 1.9 M
事务概要
===============================================================================================================================================================================================
Install 2 Package(s)
总下载量:2.2 M
Installed size: 4.9 M
下载软件包:
(1/2): expect-5.44.1.15-5.el6_4.x86_64.rpm | 256 kB 00:03
(2/2): tcl-8.5.7-6.el6.x86_64.rpm | 1.9 MB 00:01
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
总计 426 kB/s | 2.2 MB 00:05
运行 rpm_check_debug
执行事务测试
事务测试成功
执行事务
正在安装 : 1:tcl-8.5.7-6.el6.x86_64 1/2
正在安装 : expect-5.44.1.15-5.el6_4.x86_64 2/2
Verifying : expect-5.44.1.15-5.el6_4.x86_64 1/2
Verifying : 1:tcl-8.5.7-6.el6.x86_64 2/2
已安装:
expect.x86_64 0:5.44.1.15-5.el6_4
作为依赖被安装:
tcl.x86_64 1:8.5.7-6.el6
完毕!
process is runing ...
192.168.198.129
192.168.198.128
spawn ssh-copy-id root@192.168.198.129
spawn ssh-copy-id root@192.168.198.128
The authenticity of host '192.168.198.129 (192.168.198.129)' can't be established.
RSA key fingerprint is 10:62:b7:95:e7:38:a8:82:27:58:f6:d2:30:40:c7:d6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.198.129' (RSA) to the list of known hosts.
root@192.168.198.128's password: root@192.168.198.129's password:
Now try logging into the machine, with "ssh 'root@192.168.198.129'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
Now try logging into the machine, with "ssh 'root@192.168.198.128'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
192.168.198.128 have finished at 2017-05-21-12:46:17:723140806
192.168.198.129 have finished at 2017-05-21-12:46:17:721018165
3、登录测试
[root@localhost ~]# ssh 192.168.198.129 #现在登录不需要输入密码
Last login: Sun May 21 12:20:42 2017 from 192.168.198.128
|