本文介绍了一种通过SSH服务将公钥批量推送到目标服务器的方法,以实现免密码登录。详细展示了如何使用expect脚本自动化生成SSH密钥对,并将公钥部署到多个服务器上,同时处理首次连接的信任问题。
#!/usr/bin/expect -f ########################################## hutu #Push the id.pas.pub public key to the target server through the SSH service to implement secret-free login. #Define an iplist Create an iplist file in the current directory. The content format is: User Password IPaddress Port #parameter: 1.user # 2.password # 3.ip # 4.Por ########################################## spawn ssh-keygen -t rsa expect { "*file in which to save the key*" { send "\n\r" send_user "/root/.ssh\r" exp_continue "*Overwrite (y/n)*"{ send "n\n\r" } } "*Enter passphrase*" { send "\n\r" exp_continue } "*Enter same passphrase again*" { send "\n\r" exp_continue } } set ip_file [open ./iplist r] while {[gets $ip_file line] >= 0} { set user [lindex $line 0] set password [lindex $line 1] set ip [lindex $line 2] set port [lindex $line 3] spawn ping ${ip} -w 2 expect { -nocase -re "100% packet loss" { send_error "Ping ${ip} is unreachable, Please check the IP address.\n" exit 1 } } spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $user@$ip expect { #first connect, no public key in ~/.ssh/known_hosts "Are you sure you want to continue connecting (yes/no)?" { send "yes\r" expect "password:" send "$password\r" } #already has public key in ~/.ssh/known_hosts "password:" { send "$password\r" } } puts "User: $user,\tPassword: xxxx,\tIP: $ip,\tPort: $port\n" } close $ip_file
扫一扫
331
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
