这里还涉及到一个ssh的免密传输文件,需要进行配置才行。
注意:公钥相当于锁,私钥相当于钥匙,客户端创建一对钥匙和锁,要想做到SSH免密登录,就要将锁分发到服务器并装锁,然后客户端就可以利用这个钥匙开锁。
循环语句可以参考我另一篇博客:https://i.cnblogs.com/posts/edit;postId=11837160
建立SSH信任关系:
- 生成秘钥(公钥和私钥)
# 切换到ssh目录
[root@rhel8 ~]# cd /root/.ssh/
[root@rhel8 .ssh]# ls
known_hosts
# 生成秘钥文件(一路回车即可)
[root@rhel8 .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:1eFqA0YG8GwTX/U+lGikRGWl+Zi7C/bEhpm4xJzxi5A root@rhel8.tourby.cn
The key's randomart image is:
+---[RSA 3072]----+
| ..o.o.+o*.. |
| o = o * * . |
| = + o B + |
| . o o o * |
| S + o + |
| + * * . . |
| E * B = |
| o + * . |
| o . +. |
+----[SHA256]-----+
- 将公钥拷贝到其他服务器上
[root@rhel8 .ssh]# ls
id_rsa id_rsa.pub known_hosts
# 这种方式会覆盖拷贝过去的服务器上的authorized_keys文件
[root@rhel8 .ssh]# scp -r id_rsa.pub root@IP地址:/root/.ssh/authorized_keys
# 这种不会覆盖,会追加。回车后输入密码即可
[root@rhel8 .ssh]# ssh-copy-id -i /root/.ssh/id_rsa.pub ip地址
脚本内容:
[root@rhel8 shell]# vim auto_scp.sh
#!/bin/bash
# auto scp files for client
# by authors tanbaobao 2020/06/09
FILES=$*
if [ -z $* ];then
echo -e '�33[32mUsage: {$0 /boot|/tmp|file.txt}�33[0m'
exit
fi
for i in `echo IP地址1 IP地址2 ...`
do
scp -r $FILES root@$i:/root/
done
上面还可以改成(从文件读取):for i in `cat list.txt`
方法二:
[root@rhel8 shell]# cat ip.txt
192.168.187.4
106.168.187.5
[root@rhel8 shell]# cat auto_scp_files.sh
#!/bin/bash
# Auto change Server Files
# by authors tanbaobao 2020/06/10
# SRC=/etc/
# 判断ip.txt文件是否存在
if [ ! -f ip.txt ];then
echo -e "�33[31mPlease Crreate ip.txt Files,The ip.txt Contents As Follows: �33[0m"
cat <<EOF
192.168.1.3
192.168.1.8
EOF
exit
fi
# 判断参数1是否存在空字符
if [ -z "$1" ];then
echo -e "�33[31mUsage: $0 command,example{ Src_Files|Src_Dir Des_Dir } �33[0m"
exit
fi
COUNT=`cat ip.txt | wc -l`
rm -rf ip.txt.swp
i=0
while ((i<$COUNT))
do
i=`expr $i + 1`
# 打印第n行并添加标记
sed "${i}s/^/&${i} /g" ip.txt >>ip.txt.swp
IP=`awk -v I="$i" '{if(I==$1)print $2}' ip.txt.swp`
scp -r $1 root@${IP}:$2
# rsync -aP --delete $1 root@${IP}:$2
done
方法三:ssh远程执行命令。ip.txt文件如上
[root@rhel8 shell]# cat auto_ssh_command.sh
#!/bin/bash
# Auto change Server Files
# by authors tanbaobao 2020/06/10
# SRC=/etc/
# 判断ip.txt文件是否存在
if [ ! -f ip.txt ];then
echo -e "�33[31mPlease Crreate ip.txt Files,The ip.txt Contents As Follows: �33[0m"
cat <<EOF
192.168.1.3
192.168.1.8
EOF
exit
fi
# 判断参数1是否存在空字符
if [ -z "$*" ];then
echo -e "�33[31mUsage: $0 command,example{rm /tmp/test.txt | mkdir /tmp/20200610 } �33[0m"
exit
fi
COUNT=`cat ip.txt | wc -l`
rm -rf ip.txt.swp
i=0
while ((i<$COUNT))
do
i=`expr $i + 1`
# 打印第n行并添加标记
sed "${i}s/^/&${i} /g" ip.txt >>ip.txt.swp
IP=`awk -v I="$i" '{if(I==$1)print $2}' ip.txt.swp`
ssh -q -l root $IP "$*; echo -e '------------------------------------------------
The $IP Exec Command:
$* Success !';sleep 2" # rsync -aP --delete $1 root@${IP}:$2
done
# 使用脚本
[root@rhel8 shell]# sh auto_ssh_command.sh "df -h"
补充:使用read line逐行读取文件方式
# 准备一个文本文件存放ip地址
[root@rhel8 shell]# cat addr.txt
192.168.1.1
192.168.1.2
192.168.1.3
192.168.1.4
192.168.1.5
192.168.1.6
192.168.1.7
192.168.1.8
[root@rhel8 shell]# vim auto_scp_read.sh
#!/bin/bash
# by authors tanbaobao 2020/06/09
FILES=/tanbaobao/log/file3
while read line
do
echo -e "�33[32mscp -r root@$line:/tmp�33[0m"
done
补充:read+awk分隔符读取
# ip地址文件
[root@rhel8 shell]# cat addr.txt
# ip address
1 192.168.1.1 /src1 /des1
2 192.168.1.2 /src2 /des2
3 192.168.1.3 /src3 /des3
4 192.168.1.4 /src4 /des4
[root@rhel8 shell]# cat auto_scp_read.sh
#!/bin/bash
# by authors tanbaobao 2020/06/09
while read line
do
IP=`echo $line | awk '{print $2}'`
echo -e "�33[32mscp -r /tanbaobao/log/file3 root@$IP:/tmp�33[0m"
done <addr.txt
相关博客:https://www.cnblogs.com/HeiDi-BoKe/p/13178591.html
ssh非交互式登录脚本:
这里使用expect来实现,需要先安装这个软件包。
[root@rhel8 shell]# cat expect_ssh.sh #!/usr/bin/expect ########################################################################## # expect ssh # # by author tanbaobao 2020/06/23 # ########################################################################## # 开启会话 spawn ssh root@106.53.73.200 expect { "yes/no" { send "yes "; exp_continue } "password:" { send "centos " } } interact
expect批量主机公钥推送
[root@rhel8 shell]# cat get_ip_ssh_keygen.sh
#!/bin/bash
##########################################################################
# 对ping通的ip发送公钥 #
# by author tanbaobao 2020/06/23 #
##########################################################################
# 清空ip.txt文件
>ip.txt
PASS=需要拷贝秘钥过去的主机密码
# 判断是否安装expect软件
rpm -q expect &>/dev/null
if [ $? -ne 0 ];then
yum -y install expect
fi
# 判断是否有公钥文件
if [ ! -f ~/.ssh/id_rsa ];then
# -P指定密码为空 -f指定私钥文件存放位置
ssh-keygen -P "" -f ~/.ssh/id_rsa
fi
for i in {2..254}
do
{
ip=127.0.0.$i
ping -c1 -W1 $ip &>/dev/null
if [ $? -eq 0 ];then
echo "$ip" >> ip.txt
/usr/bin/expect <<-EOF
set timeout 10
spawn ssh-copy-id $ip
expect {
"yes/no" { send "yes
"; exp_continue }
"password:" { send "$PASS
" }
}
expect eof
EOF
fi
}&
done
wait
echo "finish..."
expect非交互式scp传输文件
[root@rhel8 shell]# vi expect_scp_file.sh
#!/usr/bin/expect
##########################################################################
# expect scp file #
# by author tanbaobao 2020/06/23 #
##########################################################################
# 表示位置参数(0表示$1,1表示$2)
set ip [lindex $argv 0]
set user root
set password tanbaobaoTHY1234
set timeout 5
spawn ssh -r /etc/hosts $user@$ip:/tmp
expect {
"yes/no" { send "yes
"; exp_continue }
"password:" { send "$password
" };
}
# interact表示交互模式,留在那边
# 当出现"#"时需要做什么事
# expect "#"
# send "useradd haha
"
# send "pwd
"
# send "exit
"
# 中止expect(结束expect)
expect eof