shell脚本部署无密码访问
程序员文章站
2022-07-12 16:15:37
...
为了实现一些组件的自动化部署,可能要设置服务器的免密访问比较方便,最后实现了自动化部署密码脚本,以下为实现代码逻辑。代码比较庞大,不能一一道出了。
#!/bin/bash
ips=( '10.100.112.79' '10.100.112.203' '10.100.112.204' '10.100.112.205' '10.100.112.95' '10.100.112.125' ) //所有关联ip
masterLenth=4 //ips集合前几个需要配置无密访问
gname=hgroup
uname=root //无密访问账号(要先生成root无密访问权限)
password="123456" //无密访问密码
currpath=$PWD
hostip=` /sbin/ifconfig -a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}'|tr -d "addr:" `//获取本机ip ,
echo "host_ip$hostip"
#如果是root权限,先生从root免密密匙
if [ "$uname" = "root" ];then
ssh root@${ips[i]} yum install -y expect
expect <<EOF
spawn ssh-keygen -t rsa
expect {
"*password:" {
send "$password\n";
exp_continue
}
"*id_rsa):" {
send "\n";
exp_continue
}
"*(y/n)?" {
send "y\n"
exp_continue
}
"*passphrase):" {
send "\n"
exp_continue
}
"*again:" {
send "\n"
}
}
expect eof
EOF
#initSshdConfig初始化免密访问的sshd-config文件,initSshdConfig代码链接本博客sshd_config无密访问的处理
sh $currpath/initSshdConfig.sh $hostip $currpath $hostip
fi
#给所有机器新增账号
for ip in ${ips[@]}
do
#如果是root账号,先授权root免密访问其它机器权限
if [ "$uname" = "root" ];then
sh $currpath/resrsa.sh $ip $uname $password
echo "$hostip------------------>$ip"
fi
if [ "$ip" = "$hostip" ];then
echo "$hostip"
sh $currpath/useradd.sh $gname $uname $password
# rm -rf /usr/$uname/.ssh
# sh apecttest.sh $gname $uname $name $ip
else
# echo ${ip}
# ssh ${ip} mkdir -p $currpath -m 777
# scp -r $currpath/base root@${ip}:$currpath/
# scp $currpath/useradd.sh root@${ip}:$currpath/
if [ "$uname" -ne "root" ];then
#新增账号http://lyongq04.iteye.com/blog/2297255
ssh ${ip} $currpath/useradd.sh $gname $uname $password
fi
fi
done
#给ips前masterLenth服务器赋予免密访问所有机器的权限,这类机器暂时简称master
for((i=0;i<masterLenth;i++))
do
echo "master ${ips[i]}"
#scp $currpath/initSshdConfig.sh root@${ips[i]}:$currpath/
sh $currpath/initSshdConfig.sh ${ips[i]} $currpath $hostip
if [ "${ips[i]}" != "$hostip" ];then
# scp /etc/ssh/sshd_config root@${ips[i]}:/etc/ssh
scp $currpath/resrsa.sh root@${ips[i]}:$currpath/
fi
#远程为master 账号生产密匙
#if expect not install
ssh root@${ips[i]} yum install -y expect
if [[ "$uname" != "root" || "$uname" == "root" && "${ips[i]}" != "$hostip" ]];then
echo "$hostip ssh-keygen-------------------------------------------------------->>${ips[i]}"
expect <<EOF
spawn ssh $uname@${ips[i]} ssh-keygen -t rsa
expect {
"*password:" {
send "$password\n";
exp_continue
}
"*id_rsa):" {
send "\n";
exp_continue
}
"*(y/n)?" {
send "y\n"
exp_continue
}
"*passphrase):" {
send "\n"
exp_continue
}
"*again:" {
send "\n"
}
}
expect eof
EOF
fi
done
#给所有master授权免密访问所有机器
for ip in ${ips[@]}
do
for((i=0;i<masterLenth;i++))
do
if [ "${ips[i]}" = "$hostip" ];then
sh $currpath/resrsa.sh $ip $uname $password
else
ssh root@${ips[i]} "$currpath/resrsa.sh $ip $uname $password"
fi
done
done
#!/bin/bash
ips=( '10.100.112.79' '10.100.112.203' '10.100.112.204' '10.100.112.205' '10.100.112.95' '10.100.112.125' ) //所有关联ip
masterLenth=4 //ips集合前几个需要配置无密访问
gname=hgroup
uname=root //无密访问账号(要先生成root无密访问权限)
password="123456" //无密访问密码
currpath=$PWD
hostip=` /sbin/ifconfig -a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}'|tr -d "addr:" `//获取本机ip ,
echo "host_ip$hostip"
#如果是root权限,先生从root免密密匙
if [ "$uname" = "root" ];then
ssh root@${ips[i]} yum install -y expect
expect <<EOF
spawn ssh-keygen -t rsa
expect {
"*password:" {
send "$password\n";
exp_continue
}
"*id_rsa):" {
send "\n";
exp_continue
}
"*(y/n)?" {
send "y\n"
exp_continue
}
"*passphrase):" {
send "\n"
exp_continue
}
"*again:" {
send "\n"
}
}
expect eof
EOF
#initSshdConfig初始化免密访问的sshd-config文件,initSshdConfig代码链接本博客sshd_config无密访问的处理
sh $currpath/initSshdConfig.sh $hostip $currpath $hostip
fi
#给所有机器新增账号
for ip in ${ips[@]}
do
#如果是root账号,先授权root免密访问其它机器权限
if [ "$uname" = "root" ];then
sh $currpath/resrsa.sh $ip $uname $password
echo "$hostip------------------>$ip"
fi
if [ "$ip" = "$hostip" ];then
echo "$hostip"
sh $currpath/useradd.sh $gname $uname $password
# rm -rf /usr/$uname/.ssh
# sh apecttest.sh $gname $uname $name $ip
else
# echo ${ip}
# ssh ${ip} mkdir -p $currpath -m 777
# scp -r $currpath/base root@${ip}:$currpath/
# scp $currpath/useradd.sh root@${ip}:$currpath/
if [ "$uname" -ne "root" ];then
#新增账号http://lyongq04.iteye.com/blog/2297255
ssh ${ip} $currpath/useradd.sh $gname $uname $password
fi
fi
done
#给ips前masterLenth服务器赋予免密访问所有机器的权限,这类机器暂时简称master
for((i=0;i<masterLenth;i++))
do
echo "master ${ips[i]}"
#scp $currpath/initSshdConfig.sh root@${ips[i]}:$currpath/
sh $currpath/initSshdConfig.sh ${ips[i]} $currpath $hostip
if [ "${ips[i]}" != "$hostip" ];then
# scp /etc/ssh/sshd_config root@${ips[i]}:/etc/ssh
scp $currpath/resrsa.sh root@${ips[i]}:$currpath/
fi
#远程为master 账号生产密匙
#if expect not install
ssh root@${ips[i]} yum install -y expect
if [[ "$uname" != "root" || "$uname" == "root" && "${ips[i]}" != "$hostip" ]];then
echo "$hostip ssh-keygen-------------------------------------------------------->>${ips[i]}"
expect <<EOF
spawn ssh $uname@${ips[i]} ssh-keygen -t rsa
expect {
"*password:" {
send "$password\n";
exp_continue
}
"*id_rsa):" {
send "\n";
exp_continue
}
"*(y/n)?" {
send "y\n"
exp_continue
}
"*passphrase):" {
send "\n"
exp_continue
}
"*again:" {
send "\n"
}
}
expect eof
EOF
fi
done
#给所有master授权免密访问所有机器
for ip in ${ips[@]}
do
for((i=0;i<masterLenth;i++))
do
if [ "${ips[i]}" = "$hostip" ];then
sh $currpath/resrsa.sh $ip $uname $password
else
ssh root@${ips[i]} "$currpath/resrsa.sh $ip $uname $password"
fi
done
done
上一篇: htmlunit爬虫优化方案
推荐阅读