这里还涉及到一个ssh的免密传输文件,需要进行配置才行。
注意:公钥相当于锁,私钥相当于钥匙,客户端创建一对钥匙和锁,要想做到SSH免密登录,就要将锁分发到服务器并装锁,然后客户端就可以利用这个钥匙开锁。
循环语句可以参考我另一篇博客:https://i.cnblogs.com/posts/edit;postId=11837160
建立SSH信任关系:
- 生成秘钥(公钥和私钥)
# 切换到ssh目录
[root@rhel8 ~]# cd /root/.ssh/
[root@rhel8 .ssh]# ls
known_hosts # 生成秘钥文件(一路回车即可)
[root@rhel8 .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:1eFqA0YG8GwTX/U+lGikRGWl+Zi7C/bEhpm4xJzxi5A root@rhel8.tourby.cn The key's randomart image is: +---[RSA 3072]----+
| ..o.o.+o*.. |
| o = o * * . |
| = + o B + |
| . o o o * |
| S + o + |
| + * * . . |
| E * B = |
| o + * . |
| o . +. |
+----[SHA256]-----+
- 将公钥拷贝到其他服务器上
[root@rhel8 .ssh]# ls
id_rsa id_rsa.pub known_hosts # 这种方式会覆盖拷贝过去的服务器上的authorized_keys文件
[root@rhel8 .ssh]# scp -r id_rsa.pub root@IP地址:/root/.ssh/authorized_keys
# 这种不会覆盖,会追加。回车后输入密码即可
[root@rhel8 .ssh]# ssh-copy-id -i /root/.ssh/id_rsa.pub ip地址
脚本内容:
[root@rhel8 shell]# vim auto_scp.sh #!/bin/bash # auto scp files for client # by authors tanbaobao 2020/06/09
FILES=$*
if [ -z $* ];then echo -e '\033[32mUsage: {$0 /boot|/tmp|file.txt}\033[0m' exit fi for i in `echo IP地址1 IP地址2 ...` do scp -r $FILES root@$i:/root/ done
上面还可以改成(从文件读取):for i in `cat list.txt`
方法二:
[root@rhel8 shell]# cat ip.txt
192.168.187.4
106.168.187.5 [root@rhel8 shell]# cat auto_scp_files.sh #!/bin/bash # Auto change Server Files # by authors tanbaobao 2020/06/10 # SRC=/etc/
# 判断ip.txt文件是否存在
if [ ! -f ip.txt ];then echo -e "\033[31mPlease Crreate ip.txt Files,The ip.txt Contents As Follows: \033[0m" cat <<EOF 192.168.1.3
192.168.1.8 EOF exit fi # 判断参数1是否存在空字符
if [ -z "$1" ];then echo -e "\033[31mUsage: $0 command,example{ Src_Files|Src_Dir Des_Dir } \033[0m" exit fi COUNT=`cat ip.txt | wc -l` rm -rf ip.txt.swp i=0
while ((i<$COUNT)) do i=`expr $i + 1` # 打印第n行并添加标记
sed "${i}s/^/&${i} /g" ip.txt >>ip.txt.swp IP=`awk -v I="$i" '{if(I==$1)print $2}' ip.txt.swp` scp -r $1 root@${IP}:$2
# rsync -aP --delete $1 root@${IP}:$2
done
方法三:ssh远程执行命令。ip.txt文件如上
[root@rhel8 shell]# cat auto_ssh_command.sh #!/bin/bash # Auto change Server Files # by authors tanbaobao 2020/06/10 # SRC=/etc/
# 判断ip.txt文件是否存在
if [ ! -f ip.txt ];then echo -e "\033[31mPlease Crreate ip.txt Files,The ip.txt Contents As Follows: \033[0m" cat <<EOF 192.168.1.3
192.168.1.8 EOF exit fi # 判断参数1是否存在空字符
if [ -z "$*" ];then echo -e "\033[31mUsage: $0 command,example{rm /tmp/test.txt | mkdir /tmp/20200610 } \033[0m" exit fi COUNT=`cat ip.txt | wc -l` rm -rf ip.txt.swp i=0
while ((i<$COUNT)) do i=`expr $i + 1` # 打印第n行并添加标记
sed "${i}s/^/&${i} /g" ip.txt >>ip.txt.swp IP=`awk -v I="$i" '{if(I==$1)print $2}' ip.txt.swp` ssh -q -l root $IP "$*; echo -e '------------------------------------------------\nThe $IP Exec Command: $* Success !';sleep 2" # rsync -aP --delete $1 root@${IP}:$2
done
# 使用脚本
[root@rhel8 shell]# sh auto_ssh_command.sh "df -h"
补充:使用read line逐行读取文件方式
# 准备一个文本文件存放ip地址
[root@rhel8 shell]# cat addr.txt
192.168.1.1
192.168.1.2
192.168.1.3
192.168.1.4
192.168.1.5
192.168.1.6
192.168.1.7
192.168.1.8
[root@rhel8 shell]# vim auto_scp_read.sh #!/bin/bash # by authors tanbaobao 2020/06/09
FILES=/tanbaobao/log/file3 while read line do echo -e "\033[32mscp -r root@$line:/tmp\033[0m" done
补充:read+awk分隔符读取
# ip地址文件
[root@rhel8 shell]# cat addr.txt # ip address
1 192.168.1.1 /src1 /des1 2 192.168.1.2 /src2 /des2 3 192.168.1.3 /src3 /des3 4 192.168.1.4 /src4 /des4
[root@rhel8 shell]# cat auto_scp_read.sh #!/bin/bash # by authors tanbaobao 2020/06/09
while read line do IP=`echo $line | awk '{print $2}'` echo -e "\033[32mscp -r /tanbaobao/log/file3 root@$IP:/tmp\033[0m" done <addr.txt
相关博客:https://www.cnblogs.com/HeiDi-BoKe/p/13178591.html
ssh非交互式登录脚本:
这里使用expect来实现,需要先安装这个软件包。
[root@rhel8 shell]# cat expect_ssh.sh #!/usr/bin/expect ########################################################################## # expect ssh # # by author tanbaobao 2020/06/23 # ########################################################################## # 开启会话 spawn ssh root@106.53.73.200 expect { "yes/no" { send "yes\r"; exp_continue } "password:" { send "centos\r" } } interact
expect批量主机公钥推送
[root@rhel8 shell]# cat get_ip_ssh_keygen.sh #!/bin/bash ########################################################################## # 对ping通的ip发送公钥 # # by author tanbaobao 2020/06/23 # ##########################################################################
# 清空ip.txt文件
>ip.txt PASS=需要拷贝秘钥过去的主机密码 # 判断是否安装expect软件
rpm -q expect &>/dev/null if [ $? -ne 0 ];then yum -y install expect fi # 判断是否有公钥文件
if [ ! -f ~/.ssh/id_rsa ];then # -P指定密码为空 -f指定私钥文件存放位置
ssh-keygen -P "" -f ~/.ssh/id_rsa fi for i in {2..254} do { ip=127.0.0.$i ping -c1 -W1 $ip &>/dev/null if [ $? -eq 0 ];then echo "$ip" >> ip.txt /usr/bin/expect <<-EOF set timeout 10 spawn ssh-copy-id $ip expect { "yes/no" { send "yes\r"; exp_continue } "password:" { send "$PASS\r" } } expect eof EOF fi }& done wait echo "finish..."
expect非交互式scp传输文件
[root@rhel8 shell]# vi expect_scp_file.sh
#!/usr/bin/expect ########################################################################## # expect scp file # # by author tanbaobao 2020/06/23 # ##########################################################################
# 表示位置参数(0表示$1,1表示$2)
set ip [lindex $argv 0] set user root set password tanbaobaoTHY1234 set timeout 5 spawn ssh -r /etc/hosts $user@$ip:/tmp expect { "yes/no" { send "yes\r"; exp_continue } "password:" { send "$password\r" }; } # interact表示交互模式,留在那边
# 当出现"#"时需要做什么事 # expect "#" # send "useradd haha\r" # send "pwd\r" # send "exit\r"
# 中止expect(结束expect)
expect eof