分享程序员开发的那些事...
更新时间:2022-09-15 20:21:28
脚本实现功能:批量或单个SSH免交互登录认证
脚本应用场景:当部署集群时,大多数实现要配置好管理节点与从节点的SSH免交互登录,针对这样的情况,写了下面脚本,简化工作。
脚本支持系统:Ubuntu和CentOS
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
#!/bin/bash# Description: configuration local host and remote host ssh keypair authentication, Support Ubuntu and CentOS operation system.# Blog: http://lizhenliang.blog.51cto.com function color_echo() {
if [ $1 == "green" ]; then
echo -e "\033[32;40m$2\033[0m"
elif [ $1 == "red" ]; then
echo -e "\033[31;40m$2\033[0m"
fi
}function os_version() {
local OS_V=$(cat /etc/issue |awk 'NR==1{print $1}')
if [ $OS_V == "\S" -o $OS_V == "CentOS" ]; then
echo "CentOS"
elif [ $OS_V == "Ubuntu" ]; then
echo "Ubuntu"
fi
}function check_ssh_auth() {
if $(grep "Permission denied" $EXP_TMP_FILE >/dev/null); then
color_echo red "Host $IP SSH authentication failure! Login password error."
exit 1
elif $(ssh $INFO 'echo yes >/dev/null'); then
color_echo green "Host $IP SSH authentication successfully."
fi
rm $EXP_TMP_FILE >/dev/null
}function check_pkg() {
local PKG_NAME=$1
if [ $(os_version) == "CentOS" ]; then
if ! $(rpm -ql $PKG_NAME >/dev/null 2>&1); then
echo no
else
echo yes
fi
elif [ $(os_version) == "Ubuntu" ]; then
if ! $(dpkg -l $PKG_NAME >/dev/null 2>&1); then
echo no
else
echo yes
fi
fi
}function install_pkg() {
local PKG_NAME=$1
if [ $(os_version) == "CentOS" ]; then
if [ $(check_pkg $PKG_NAME) == "no" ]; then
yum install $PKG_NAME -y
if [ $(check_pkg $PKG_NAME) == "no" ]; then
color_echo green "The $PKG_NAME installation failure! Try to install again."
yum makecache
yum install $PKG_NAME -y
[ $(check_pkg $PKG_NAME) == "no" ] && color_echo red "The $PKG_NAME installation failure!" && exit 1
fi
fi
elif [ $(os_version) == "Ubuntu" ]; then
if [ $(check_pkg $PKG_NAME) == "no" ]; then
apt-get install $PKG_NAME -y
if [ $(check_pkg $PKG_NAME) == "no" ]; then
color_echo green "$PKG_NAME installation failure! Try to install again."
apt-get autoremove && apt-get update
apt-get install $PKG_NAME --force-yes -y
[ $(check_pkg $PKG_NAME) == "no" ] && color_echo red "The $PKG_NAME installation failure!" && exit 1
fi
fi
fi
}function generate_keypair() {
if [ ! -e ~/.ssh/id_rsa.pub ]; then
color_echo green "The public/private rsa key pair not exist, start Generating..."
expect -c "
spawn ssh-keygen
expect {
\"ssh/id_rsa):\" {send \"\r\";exp_continue}
\"passphrase):\" {send \"\r\";exp_continue}
\"again:\" {send \"\r\";exp_continue}
}
" >/dev/null 2>&1
if [ -e ~/.ssh/id_rsa.pub ]; then
color_echo green "Generating public/private rsa key pair successfully."
else
color_echo red "Generating public/private rsa key pair failure!"
exit 1
fi
fi
}EXP_TMP_FILE=/tmp/expect_ssh.tmp
if [[ $1 =~ ^[a-z]+@[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}@.* ]]; then
install_pkg expect ; generate_keypair
for i in $@; do
USER=$(echo $i|cut -d@ -f1)
IP=$(echo $i|cut -d@ -f2)
PASS=$(echo $i|cut -d@ -f3)
INFO=$USER@$IP
expect -c "
spawn ssh-copy-id $INFO
expect {
\"(yes/no)?\" {send \"yes\r\";exp_continue}
\"password:\" {send \"$PASS\r\";exp_continue}
}
" > $EXP_TMP_FILE # if login failed, login error info append temp file
check_ssh_auth
done
elif [[ $1 =~ ^[a-z]+@[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}-[0-9]{1,3}@.* ]]; then
install_pkg expect ; generate_keypair
START_IP_NUM=$(echo $1|sed -r 's/.*\.(.*)-(.*)@.*/\1/')
END_IP_NUM=$(echo $1|sed -r 's/.*\.(.*)-(.*)@.*/\2/')
for ((i=$START_IP_NUM;i<=$END_IP_NUM;i++)); do
USER=$(echo $1|cut -d@ -f1)
PASS=$(echo $1|cut -d@ -f3)
IP_RANGE=$(echo $1|sed -r 's/.*@(.*\.).*/\1/')
IP=$IP_RANGE$i
INFO=$USER@$IP_RANGE$i
expect -c "
spawn ssh-copy-id $INFO
expect {
\"(yes/no)?\" {send \"yes\r\";exp_continue}
\"password:\" {send \"$PASS\r\";exp_continue}
}
" > $EXP_TMP_FILE
check_ssh_auth
done
else echo "Example1: $0 <root@192.168.1.10-15@password>"
echo "Example2: $0 <root@192.168.1.10@password>"
echo "Example3: $0 [root@192.168.1.10@password root@192.168.1.11@password root@192.168.1.12@password ...]"
fi |
本文转自 李振良OK 51CTO博客,原文链接:http://blog.51cto.com/lizhenliang/1736179,如需转载请自行联系原作者
