写一个shell脚本,当我们执行时,提示要输入对方的ip和root密码,然后可以自动把本机的公钥增加到对方机器上,从而实现密钥认证。
参考答案:
#!/bin/bash
read -p "Input IP: " ip
ping $ip -w 2 -c 2 >> /dev/null
## 查看ip是否可用
while [ $? -ne 0 ]
do
read -p "your ip may not useable, Please Input your IP: " ip
ping $ip -w 2 -c 2 >> /dev/null
done
read -p "Input root\'s password of this host: " password
## 检查命令子函数
check_ok() {
if [ $? != 0 ]
then
echo "Error!."
exit 1
fi
}
## yum需要用到的包
myyum() {
if ! rpm -qa |grep -q "$1"
then
yum install -y $1
check_ok
else
echo $1 already installed
fi
}
for p in openssh-clients openssh expect
do
myyum $p
done
## 在主机A上创建密钥对
if [ ! -f ~/.ssh/id_rsa ] || [ ! -f ~/.ssh/id_rsa.pub ]
then
if [ -d ~/.ssh ]
then
mv ~/.ssh/ ~/.ssh_old
fi
echo -e "\n" | ssh-keygen -t rsa -P ''
check_ok
fi
## 传私钥给主机B
if [ ! -d /usr/local/sbin/rsync_keys ]
then
mkdir /usr/local/sbin/rsync_keys
fi
cd /usr/local/sbin/rsync_keys
if [ -f rsync.expect ]
then
d=`date +%F-%T`
mv rsync.expect $d.expect
fi
#创建远程同步的expect文件
cat > rsync.expect <<EOF
#!/usr/bin/expect
set host [lindex \$argv 0]
#主机B的密码
set passwd [lindex \$argv 1]
spawn rsync -av /root/.ssh/id_rsa.pub root@\$host:/tmp/tmp.txt
expect {
"yes/no" { send "yes\r"; exp_continue}
"password:" { send "\$passwd\r" }
}
expect eof
spawn ssh root@\$host
expect {
"password:" { send "\$passwd\r" }
}
expect "]*"
send "\[ -f /root/.ssh/authorized_keys \] && cat /tmp/tmp.txt >>/root/.ssh/authorized_keys \r"
expect "]*"
send "\[ -f /root/.ssh/authorized_keys \] || mkdir -p /root/.ssh/ \r"
send "\[ -f /root/.ssh/authorized_keys \] || mv /tmp/tmp.txt /root/.ssh/authorized_keys\r"
expect "]*"
send "chmod 700 /root/.ssh; chmod 600 /root/.ssh/authorized_keys\r"
expect "]*"
send "exit\r"
EOF
check_ok
/usr/bin/expect /usr/local/sbin/rsync_keys/rsync.expect $ip $password
echo "OK,this script is successful. ssh $ip to test it"
shell习题-自动增加公钥
2017年11月20日
shell习题
No Comments
aming
写一个shell脚本,当我们执行时,提示要输入对方的ip和root密码,然后可以自动把本机的公钥增加到对方机器上,从而实现密钥认证。
参考答案:
#!/bin/bash read -p "Input IP: " ip ping $ip -w 2 -c 2 >> /dev/null ## 查看ip是否可用 while [ $? -ne 0 ] do read -p "your ip may not useable, Please Input your IP: " ip ping $ip -w 2 -c 2 >> /dev/null done read -p "Input root\'s password of this host: " password ## 检查命令子函数 check_ok() { if [ $? != 0 ] then echo "Error!." exit 1 fi } ## yum需要用到的包 myyum() { if ! rpm -qa |grep -q "$1" then yum install -y $1 check_ok else echo $1 already installed fi } for p in openssh-clients openssh expect do myyum $p done ## 在主机A上创建密钥对 if [ ! -f ~/.ssh/id_rsa ] || [ ! -f ~/.ssh/id_rsa.pub ] then if [ -d ~/.ssh ] then mv ~/.ssh/ ~/.ssh_old fi echo -e "\n" | ssh-keygen -t rsa -P '' check_ok fi ## 传私钥给主机B if [ ! -d /usr/local/sbin/rsync_keys ] then mkdir /usr/local/sbin/rsync_keys fi cd /usr/local/sbin/rsync_keys if [ -f rsync.expect ] then d=`date +%F-%T` mv rsync.expect $d.expect fi #创建远程同步的expect文件 cat > rsync.expect <<EOF #!/usr/bin/expect set host [lindex \$argv 0] #主机B的密码 set passwd [lindex \$argv 1] spawn rsync -av /root/.ssh/id_rsa.pub root@\$host:/tmp/tmp.txt expect { "yes/no" { send "yes\r"; exp_continue} "password:" { send "\$passwd\r" } } expect eof spawn ssh root@\$host expect { "password:" { send "\$passwd\r" } } expect "]*" send "\[ -f /root/.ssh/authorized_keys \] && cat /tmp/tmp.txt >>/root/.ssh/authorized_keys \r" expect "]*" send "\[ -f /root/.ssh/authorized_keys \] || mkdir -p /root/.ssh/ \r" send "\[ -f /root/.ssh/authorized_keys \] || mv /tmp/tmp.txt /root/.ssh/authorized_keys\r" expect "]*" send "chmod 700 /root/.ssh; chmod 600 /root/.ssh/authorized_keys\r" expect "]*" send "exit\r" EOF check_ok /usr/bin/expect /usr/local/sbin/rsync_keys/rsync.expect $ip $password echo "OK,this script is successful. ssh $ip to test it"