建议基于ssh密钥方式建立远程连接
a、ssh密钥对创建
ssh-keygen -t dsa
影响免交互创建密钥对创建因素:
1)需要指定私钥存放路径
-f /root/.ssh/id_dsa
2)需要进行私钥文件密码设定
-N/-P
-N ""/-P ""
免交互创建密钥对方法
ssh-keygen -t dsa -f /root/.ssh/id_dsa -N ""
b、分发公钥文件(管理主机进行分发)
ssh-copy-id -i /root/.ssh/id_dsa.pub 172.16.1.31
影响免交互批量分发密钥因素
1)需要有确认连接过程,需要输入yes/no
o StrictHostKeyChecking=no
sshpass -p123456 ssh-copy-id -i /root/.ssh/id_dsa.pub "-o StrictHostKeyChecking=no 172.16.1.31"
2)需要解决密码问题
sshpass -p123456 ssh-copy-id -i /root/.ssh/id_dsa.pub 172.16.1.31
Now try logging into the machine, with "ssh '172.16.1.31'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
免交互批量分发公钥脚本:
#!/bin/bash
rm /root/.ssh/id_dsa
ssh-keygen -t dsa -f /root/.ssh/id_dsa -N ""
for ip in 31 41 7
do
sshpass -p123456 ssh-copy-id -i /root/.ssh/id_dsa.pub "-o StrictHostKeyChecking=no 172.16.1.$ip"
done
c、检查是否可以进行基于密钥远程管理
ssh 172.16.1.31 uptime
免交互批量检查测试脚本
#!/bin/bash
if [ $# -ne 1 ]
then
echo "pls input one agrs"
exit 1
fi
for ip in 51 52 53
do
echo =========== info 10.0.0.$ip ===================
ssh 10.0.0.$ip $1
echo ""
done
d、ssh执行远程命令
脚本:
#!/bin/bash
for i in {136..142}
do
ssh 192.168.0.$i 'echo "9sGzJXReJ81mis=ve"|passwd root --stdin > /dev/null 2>&1'
done