這里還涉及到一個ssh的免密傳輸文件,需要進行配置才行。
注意:公鑰相當於鎖,私鑰相當於鑰匙,客戶端創建一對鑰匙和鎖,要想做到SSH免密登錄,就要將鎖分發到服務器並裝鎖,然后客戶端就可以利用這個鑰匙開鎖。
循環語句可以參考我另一篇博客:https://i.cnblogs.com/posts/edit;postId=11837160
建立SSH信任關系:
- 生成秘鑰(公鑰和私鑰)
# 切換到ssh目錄
[root@rhel8 ~]# cd /root/.ssh/
[root@rhel8 .ssh]# ls
known_hosts # 生成秘鑰文件(一路回車即可)
[root@rhel8 .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:1eFqA0YG8GwTX/U+lGikRGWl+Zi7C/bEhpm4xJzxi5A root@rhel8.tourby.cn The key's randomart image is: +---[RSA 3072]----+
| ..o.o.+o*.. |
| o = o * * . |
| = + o B + |
| . o o o * |
| S + o + |
| + * * . . |
| E * B = |
| o + * . |
| o . +. |
+----[SHA256]-----+
- 將公鑰拷貝到其他服務器上
[root@rhel8 .ssh]# ls
id_rsa id_rsa.pub known_hosts # 這種方式會覆蓋拷貝過去的服務器上的authorized_keys文件
[root@rhel8 .ssh]# scp -r id_rsa.pub root@IP地址:/root/.ssh/authorized_keys
# 這種不會覆蓋,會追加。回車后輸入密碼即可
[root@rhel8 .ssh]# ssh-copy-id -i /root/.ssh/id_rsa.pub ip地址
腳本內容:
[root@rhel8 shell]# vim auto_scp.sh #!/bin/bash # auto scp files for client # by authors tanbaobao 2020/06/09
FILES=$*
if [ -z $* ];then echo -e '\033[32mUsage: {$0 /boot|/tmp|file.txt}\033[0m' exit fi for i in `echo IP地址1 IP地址2 ...` do scp -r $FILES root@$i:/root/ done
上面還可以改成(從文件讀取):for i in `cat list.txt`
方法二:
[root@rhel8 shell]# cat ip.txt
192.168.187.4
106.168.187.5 [root@rhel8 shell]# cat auto_scp_files.sh #!/bin/bash # Auto change Server Files # by authors tanbaobao 2020/06/10 # SRC=/etc/
# 判斷ip.txt文件是否存在
if [ ! -f ip.txt ];then echo -e "\033[31mPlease Crreate ip.txt Files,The ip.txt Contents As Follows: \033[0m" cat <<EOF 192.168.1.3
192.168.1.8 EOF exit fi # 判斷參數1是否存在空字符
if [ -z "$1" ];then echo -e "\033[31mUsage: $0 command,example{ Src_Files|Src_Dir Des_Dir } \033[0m" exit fi COUNT=`cat ip.txt | wc -l` rm -rf ip.txt.swp i=0
while ((i<$COUNT)) do i=`expr $i + 1` # 打印第n行並添加標記
sed "${i}s/^/&${i} /g" ip.txt >>ip.txt.swp IP=`awk -v I="$i" '{if(I==$1)print $2}' ip.txt.swp` scp -r $1 root@${IP}:$2
# rsync -aP --delete $1 root@${IP}:$2
done
方法三:ssh遠程執行命令。ip.txt文件如上
[root@rhel8 shell]# cat auto_ssh_command.sh #!/bin/bash # Auto change Server Files # by authors tanbaobao 2020/06/10 # SRC=/etc/
# 判斷ip.txt文件是否存在
if [ ! -f ip.txt ];then echo -e "\033[31mPlease Crreate ip.txt Files,The ip.txt Contents As Follows: \033[0m" cat <<EOF 192.168.1.3
192.168.1.8 EOF exit fi # 判斷參數1是否存在空字符
if [ -z "$*" ];then echo -e "\033[31mUsage: $0 command,example{rm /tmp/test.txt | mkdir /tmp/20200610 } \033[0m" exit fi COUNT=`cat ip.txt | wc -l` rm -rf ip.txt.swp i=0
while ((i<$COUNT)) do i=`expr $i + 1` # 打印第n行並添加標記
sed "${i}s/^/&${i} /g" ip.txt >>ip.txt.swp IP=`awk -v I="$i" '{if(I==$1)print $2}' ip.txt.swp` ssh -q -l root $IP "$*; echo -e '------------------------------------------------\nThe $IP Exec Command: $* Success !';sleep 2" # rsync -aP --delete $1 root@${IP}:$2
done
# 使用腳本
[root@rhel8 shell]# sh auto_ssh_command.sh "df -h"
補充:使用read line逐行讀取文件方式
# 准備一個文本文件存放ip地址
[root@rhel8 shell]# cat addr.txt
192.168.1.1
192.168.1.2
192.168.1.3
192.168.1.4
192.168.1.5
192.168.1.6
192.168.1.7
192.168.1.8
[root@rhel8 shell]# vim auto_scp_read.sh #!/bin/bash # by authors tanbaobao 2020/06/09
FILES=/tanbaobao/log/file3 while read line do echo -e "\033[32mscp -r root@$line:/tmp\033[0m" done
補充:read+awk分隔符讀取
# ip地址文件
[root@rhel8 shell]# cat addr.txt # ip address
1 192.168.1.1 /src1 /des1 2 192.168.1.2 /src2 /des2 3 192.168.1.3 /src3 /des3 4 192.168.1.4 /src4 /des4
[root@rhel8 shell]# cat auto_scp_read.sh #!/bin/bash # by authors tanbaobao 2020/06/09
while read line do IP=`echo $line | awk '{print $2}'` echo -e "\033[32mscp -r /tanbaobao/log/file3 root@$IP:/tmp\033[0m" done <addr.txt
相關博客:https://www.cnblogs.com/HeiDi-BoKe/p/13178591.html
ssh非交互式登錄腳本:
這里使用expect來實現,需要先安裝這個軟件包。
[root@rhel8 shell]# cat expect_ssh.sh #!/usr/bin/expect ########################################################################## # expect ssh # # by author tanbaobao 2020/06/23 # ########################################################################## # 開啟會話 spawn ssh root@106.53.73.200 expect { "yes/no" { send "yes\r"; exp_continue } "password:" { send "centos\r" } } interact
expect批量主機公鑰推送
[root@rhel8 shell]# cat get_ip_ssh_keygen.sh #!/bin/bash ########################################################################## # 對ping通的ip發送公鑰 # # by author tanbaobao 2020/06/23 # ##########################################################################
# 清空ip.txt文件
>ip.txt PASS=需要拷貝秘鑰過去的主機密碼 # 判斷是否安裝expect軟件
rpm -q expect &>/dev/null if [ $? -ne 0 ];then yum -y install expect fi # 判斷是否有公鑰文件
if [ ! -f ~/.ssh/id_rsa ];then # -P指定密碼為空 -f指定私鑰文件存放位置
ssh-keygen -P "" -f ~/.ssh/id_rsa fi for i in {2..254} do { ip=127.0.0.$i ping -c1 -W1 $ip &>/dev/null if [ $? -eq 0 ];then echo "$ip" >> ip.txt /usr/bin/expect <<-EOF set timeout 10 spawn ssh-copy-id $ip expect { "yes/no" { send "yes\r"; exp_continue } "password:" { send "$PASS\r" } } expect eof EOF fi }& done wait echo "finish..."
expect非交互式scp傳輸文件
[root@rhel8 shell]# vi expect_scp_file.sh
#!/usr/bin/expect ########################################################################## # expect scp file # # by author tanbaobao 2020/06/23 # ##########################################################################
# 表示位置參數(0表示$1,1表示$2)
set ip [lindex $argv 0] set user root set password tanbaobaoTHY1234 set timeout 5 spawn ssh -r /etc/hosts $user@$ip:/tmp expect { "yes/no" { send "yes\r"; exp_continue } "password:" { send "$password\r" }; } # interact表示交互模式,留在那邊
# 當出現"#"時需要做什么事 # expect "#" # send "useradd haha\r" # send "pwd\r" # send "exit\r"
# 中止expect(結束expect)
expect eof