多台服务器相互之间免密登录
多台服务器相互之间免密登录
环境
模拟环境:三台服务器
rhel 192.168.117.129
rhel1 192.168.117.130
centos 192.168.117.128
搭建服务器环境
1 编写存放所有服务器信息的文件ip.txt,每行依次为:主机名 ip 用户 密码 端口。该文件以明文保存root密码,应将权限设为600(chmod 600 ip.txt),并在免密登录配置完成后删除。
mger 192.168.117.129 root 1234 22
web1 192.168.117.128 root 123 22
web2 192.168.117.130 root 123 22
2 编写搭建服务器环境的脚本文件know.sh
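#!/bin/bash
# know.sh - prepare every host listed in ip.txt for the key exchange script:
# make sure sshpass and openssh are installed locally and on each host, and
# set "StrictHostKeyChecking no" in /etc/ssh/ssh_config everywhere.
#
# ip.txt is read from the current directory, one host per line:
#   <name> <ip> <user> <password> <port>
#
# Shell tracing (set -x) is deliberately left off: it would print every
# password read from ip.txt to the terminal and into any captured output.
#
# NOTE(review): "StrictHostKeyChecking no" turns off host key verification for
# all outgoing SSH connections, so an impersonated or intercepted host is
# accepted silently. Prefer pre-populating known_hosts with verified host keys
# and restoring the default once the setup is finished.

logname=$(date +%Y-%m-%d)
rpm_file=./sshpass-1.06-1.el6.x86_64.rpm

# Run a command on the host of the current loop iteration. The password is
# handed to sshpass through the SSHPASS environment variable (-e) instead of
# "-p <password>", which would expose it in the process list.
remote() {
  SSHPASS="$pass" sshpass -e ssh -o StrictHostKeyChecking=no -p "$port" "$user@$ip" "$@"
}

echo "***********************************"

# Local prerequisites.
nl=$(rpm -qa | grep -c "sshpass")
nm=$(rpm -qa | grep -c "openssh")
if [ "$nl" -lt 1 ]; then
  rpm -ivh "$rpm_file" >/dev/null
fi
if [ "$nm" -lt 1 ]; then
  # The patterns are quoted so yum expands them; unquoted, the shell would
  # expand ssh* against files in the current directory (e.g. the sshpass rpm).
  yum install -y 'ssh*' 'openssh*' && chkconfig sshd on && service sshd restart
fi
sed -i '/StrictHostKeyChecking/c StrictHostKeyChecking no' /etc/ssh/ssh_config

# Each line is split into fields directly; looking fields up with grep "$ip"
# would also match any other line that merely contains the same text.
# The list is read on fd 3 so that ssh cannot consume it through stdin.
while read -r name ip user pass port _ <&3 || [ -n "$ip" ]; do
  [ -n "$ip" ] || continue

  nu=$(remote "rpm -qa | grep -c sshpass")
  nn=$(remote "rpm -qa | grep -c openssh")
  # A failed connection leaves the counters empty; skip the host instead of
  # feeding non-numeric values to the comparisons below.
  if ! [[ "$nu" =~ ^[0-9]+$ && "$nn" =~ ^[0-9]+$ ]]; then
    echo "$name ($ip): could not query installed packages over ssh" &>>"$logname.log"
    continue
  fi

  if [ "$nn" -lt 1 ]; then
    remote "yum install 'openssh*' 'ssh*' -y; chkconfig sshd on || systemctl enable sshd; \
service sshd restart || systemctl restart sshd"
  fi

  if [ "$nu" -eq 0 ]; then
    # scp needs the same password and port as ssh; without them it prompts
    # interactively and always connects to port 22.
    SSHPASS="$pass" sshpass -e scp -o StrictHostKeyChecking=no -P "$port" \
      "$rpm_file" "$user@$ip:/root/"
    if ! remote "rpm -ivh /root/sshpass-1.06-1.el6.x86_64.rpm >/dev/null"; then
      echo "$name插件:sshpass未安装成功,请手动安装!" &>>"$logname.log"
      exit 1
    fi
  fi

  remote "sed -i '/StrictHostKeyChecking/c StrictHostKeyChecking no' /etc/ssh/ssh_config"
done 3< ip.txt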
~
3 编写互相实现免密登录的脚本文件ssh_rsa.sh
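#!/bin/bash
# ssh_rsa.sh - give every host in ip.txt key-based SSH access to every other
# host, for the account running this script.
#
# ip.txt is read from the current directory, one host per line:
#   <name> <ip> <user> <password> <port>
# The login user is always the current user (whoami); column 3 is ignored.
# No StrictHostKeyChecking option is passed here, so the ssh client
# configuration on each machine decides how unknown host keys are handled.
#
# NOTE(review): the keys are generated without a passphrase and every host
# ends up trusting every other host, so one compromised machine can log in to
# all of them. Limit the host list to machines that really need this.

# Create the local key pair only when none exists yet.
[ -e ~/.ssh/id_rsa.pub ] || ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa -q

user=$(whoami)
# Base64 body of the local public key, used to look it up in authorized_keys.
rsa=$(awk '{print $2}' ~/.ssh/id_rsa.pub)

# Run a command on the host of the current outer-loop iteration. The password
# goes to sshpass through the SSHPASS environment variable (-e) instead of
# "-p <password>", which would expose it in the local process list.
remote() {
  SSHPASS="$pass" sshpass -e ssh -p "$port" "$user@$ip" "$@"
}

# Remote snippet that prints authorized_keys when the file exists.
show_keys="if [ -e ~/.ssh/authorized_keys ];then cat ~/.ssh/authorized_keys;fi"

# The host list is read on fd 3 (outer) and fd 4 (inner) so that ssh cannot
# consume it through stdin.
while read -r name ip _ pass port _ <&3 || [ -n "$ip" ]; do
  [ -n "$ip" ] || continue

  # Make sure the remote account has its own key pair.
  remote "if [ ! -e ~/.ssh/id_rsa.pub ];then ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa -q;fi"

  # Install the local public key unless it is already authorized. grep -F
  # treats the key as literal text; as a regex, its '+' would be an operator.
  rsanu=$(remote "$show_keys" | grep -F -c -- "$rsa")
  if [ "$rsanu" -eq 0 ]; then
    # "-p port user@host" is passed as a single argument, as in the original,
    # for ssh-copy-id versions that have no port option of their own.
    SSHPASS="$pass" sshpass -e ssh-copy-id -i ~/.ssh/id_rsa.pub " -p $port $user@$ip" &>/dev/null \
      || echo "$name ($ip): ssh-copy-id from the local host failed" >&2
  fi

  # Public key of the remote host, to be distributed to every peer.
  rsa1=$(remote "cat ~/.ssh/id_rsa.pub" | awk '{print $2}')
  if [ -z "$rsa1" ]; then
    echo "$name ($ip): could not read the remote public key, skipping" >&2
    continue
  fi

  while read -r name1 i _ pass1 port1 _ <&4 || [ -n "$i" ]; do
    [ -n "$i" ] || continue

    # Quote the peer password for the remote shell. It is still part of the
    # command line sent to $ip, so it stays visible in process listings there
    # and locally while the command runs.
    printf -v pass1_q '%q' "$pass1"

    rsanu1=$(remote "SSHPASS=$pass1_q sshpass -e ssh -p $port1 $user@$i '$show_keys' | grep -F -c -- '$rsa1'")
    if [ "$rsanu1" -eq 0 ]; then
      remote "SSHPASS=$pass1_q sshpass -e ssh-copy-id -i ~/.ssh/id_rsa.pub '-p $port1 $user@$i'" &>/dev/null \
        || echo "$name ($ip) -> $name1 ($i): ssh-copy-id failed" >&2
    fi
  done 4< ip.txt
done 3< ip.txt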
测试
查看 ~/.ssh/authorized_keys 中的内容是否都互相拥有对方的公钥
rhel 192.168.117.129
centos 192.168.117.128
rhel1 192.168.117.130