今天看到一个免密码登录远程主机的帖子,就想自己写一个脚本来自动完成
先要有两台主机,目标主机要求关闭防火墙,能被主机A访问,然后知道主机B的IP和
root密码(不想用root的话更改也简单,脚本内部有提示)
下面是脚本内容,和大家分享一下,有错的欢迎反馈,大家共同进步
#!/bin/bash
#!/usr/bin/expect
# 这个脚本用来免密码登录一个主机
# 作者:xingyys
# 时间:2016-2-22
# 版本:1.0
read -p "Input IP,then you can ckeck out it without password: " ip
sleep 1
ping $ip -w 2 -c 2 >> /dev/null
## 查看ip是否可用
while [ $? -ne 0 ]
do
read -p "Input IP,then you can ckeck out it without password: " ip
sleep 1
ping $ip -w 2 -c 2 >> /dev/null
done
## 先关闭防火墙
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
selinux_s=`getenforce`
if [ $selinux_s == "enforcing" ]
then
setenforce 0
fi
iptables-save > /etc/sysconfig/iptables_`date +%s`
iptables -F
service iptables save
## 检查命令子函数
check_ok() {
if [ $? != 0 ]
then
echo "Error!."
exit 1
fi
}
## yum需要用到的包
myyum() {
if ! rpm -qa |grep -q "$1"
then
yum install -y $1
check_ok
else
echo $1 already installed
fi
}
for p in openssh-clients openssh expect
do
myyum $p
done
## 在主机A上创建密钥对
rm -fr ~/.ssh/*
check_ok
# 这里需要回车符用 echo -e "\n" |
echo -e "\n" | ssh-keygen -t rsa -P ''
check_ok
cd && cd .ssh && mv id_rsa.pub /tmp/1
## 传私钥给主机B
[ -f rsync.expect ] && tar -cvf rsync.expect.tar rsync.expect
cd - && touch rsync.expect
check_ok
#创建远程同步的expect文件
cat > rsync.expect < host.expect << EOF
#!/usr/bin/expect
#不想用root的在这换
set user "root"
set host [lindex \$argv 0]
#root的密码,同上
set passwd "123456"
spawn ssh \$user@\$host
expect {
"password:" { send "\$passwd\r" }
}
expect "]*"
send "mkdir .ssh;cd ~/.ssh\r"
expect "]*"
send "mv /tmp/1 authorized_keys\r"
expect "]*"
send "chmod 600 authorized_keys\r"
expect "]*"
send "exit\r"
EOF
/usr/bin/expect host.expect $ip
check_ok
echo -e \\n
echo "OK,this script is successful. ssh $ip to test it"
先要有两台主机,目标主机要求关闭防火墙,能被主机A访问,然后知道主机B的IP和
root密码(不想用root的话更改也简单,脚本内部有提示)
下面是脚本内容,和大家分享一下,有错的欢迎反馈,大家共同进步
#!/bin/bash
#!/usr/bin/expect
# 这个脚本用来免密码登录一个主机
# 作者:xingyys
# 时间:2016-2-22
# 版本:1.0
read -p "Input IP,then you can ckeck out it without password: " ip
sleep 1
ping $ip -w 2 -c 2 >> /dev/null
## 查看ip是否可用
while [ $? -ne 0 ]
do
read -p "Input IP,then you can ckeck out it without password: " ip
sleep 1
ping $ip -w 2 -c 2 >> /dev/null
done
## 先关闭防火墙
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
selinux_s=`getenforce`
if [ $selinux_s == "enforcing" ]
then
setenforce 0
fi
iptables-save > /etc/sysconfig/iptables_`date +%s`
iptables -F
service iptables save
## 检查命令子函数
check_ok() {
if [ $? != 0 ]
then
echo "Error!."
exit 1
fi
}
## yum需要用到的包
myyum() {
if ! rpm -qa |grep -q "$1"
then
yum install -y $1
check_ok
else
echo $1 already installed
fi
}
for p in openssh-clients openssh expect
do
myyum $p
done
## 在主机A上创建密钥对
rm -fr ~/.ssh/*
check_ok
# 这里需要回车符用 echo -e "\n" |
echo -e "\n" | ssh-keygen -t rsa -P ''
check_ok
cd && cd .ssh && mv id_rsa.pub /tmp/1
## 传私钥给主机B
[ -f rsync.expect ] && tar -cvf rsync.expect.tar rsync.expect
cd - && touch rsync.expect
check_ok
#创建远程同步的expect文件
cat > rsync.expect < host.expect << EOF
#!/usr/bin/expect
#不想用root的在这换
set user "root"
set host [lindex \$argv 0]
#root的密码,同上
set passwd "123456"
spawn ssh \$user@\$host
expect {
"password:" { send "\$passwd\r" }
}
expect "]*"
send "mkdir .ssh;cd ~/.ssh\r"
expect "]*"
send "mv /tmp/1 authorized_keys\r"
expect "]*"
send "chmod 600 authorized_keys\r"
expect "]*"
send "exit\r"
EOF
/usr/bin/expect host.expect $ip
check_ok
echo -e \\n
echo "OK,this script is successful. ssh $ip to test it"
编辑回复