zoukankan      html  css  js  c++  java

  • Linux记录-ssh批量双向无密码登录

    1批量ssh无密码登录

    #!/bin/bash
set -e 

user=root
password=xxx
ssh_port=22
iplist=(10.0.0.1 10.0.0.2 10.0.0.3)

cat >> /etc/sudoers.d/app << EOF
   app ALL=(ALL) ALL
   app ALL=(ALL) NOPASSWD: ALL
   Defaults !env_reset
EOF

env_init(){
for ip in ${iplist[@]}
do
   sshpass -p $password ssh -p $ssh_port $user@$ip  << eeooff
   groupadd -g 6000 apps
   buseradd -s /bin/bash -G apps -m app
   mkdir -p /usr/app
   chown -R app:apps /usr/app
   sed -i '/^SELINUX/s/=.*/=disabled/' /etc/selinux/config
   setenforce 0
   systemctl disable firewalld.service
   systemctl stop firewalld.service
   systemctl status firewalld.service
   echo '* soft nofile 65536' >> /etc/security/limits.conf
   echo '* hard nofile 65536' >> /etc/security/limits.conf
   yum -y install sshpass gcc gcc-c++ make openssl-devel supervisor gmp-devel mpfr-devel libmpc-devel libaio numactl autoconf automake libtool libffi-devel snappy snappy-devel zlib zlib-devel bzip2 bzip2-devel lz4-devel libasan lsof lz4 lz4-devel
eeooff
  sshpass -p $password scp -P $ssh_port /etc/sudoers.d/app $user@$ip:/etc/sudoers.d/app
done
}   
ssh_init(){
for((i=0;i<${#iplist[@]};i++))
do 
   sshpass -p $password ssh  -p $ssh_port $user@${iplist[i]} << eeooff
   su app -c "/usr/bin/ssh-keygen -t rsa -f /home/app/.ssh/id_rsa -P '';/bin/bash> /dev/null 2>&1"
   su -c "echo>/home/app/.ssh/authorized_keys" app
   su -c "cat /home/app/.ssh/id_rsa.pub >> /home/app/.ssh/authorized_keys" app
   su -c "chmod 600 /home/app/.ssh/authorized_keys" app
eeooff
done
}

ssh_cp(){
for((i=0;i<${#iplist[@]};i++))
do 
   num=$(echo ${#iplist[@]}-1 | bc) 
   if [[ $i -lt $num ]]
   then
      sshpass -p $password scp -P $ssh_port $user@${iplist[i]}:/home/app/.ssh/authorized_keys $user@${iplist[i+1]}:/home/app/.ssh/authorized_keys
      sshpass -p $password ssh -p $ssh_port $user@${iplist[i+1]} << eeooff
      chown -R app. /home/app
      cat /home/app/.ssh/id_rsa.pub >> /home/app/.ssh/authorized_keys
eeooff
   else
     exit -1
   fi
done
}

ssh_scp(){
for((i=${#iplist[@]}-1;;i--))
do
  if [[ $i -gt 0 ]]
  then
  sshpass -p $password scp -P $ssh_port  $user@${iplist[i]}:/home/app/.ssh/authorized_keys $user@${iplist[i-1]}:/home/app/.ssh/authorized_keys
  else
    exit -1
  fi
done
}
env_init
ssh_init
ssh_cp
ssh_scp
  • 相关阅读:
    一个较为健壮的下单方案
    [缓存]数据库事务环境下表级缓存的更新问题
    “Java是编译执行的语言”这句话对吗?
    分布式服务的幂等性设计
    [ java 工具类] xml字符串解析成Map(DOM解析)
    抽奖系统的流量削峰方案
    从一次线上故障思考Java问题定位思路
    关于JVM内存的N个问题
    Java多线程编程—锁优化
    Java锁机制(一)synchronized
  • 原文地址:https://www.cnblogs.com/xinfang520/p/12784473.html
Copyright © 2011-2022 走看看