Linux 批量拷贝数据脚本 + ssh 无密码登陆远程LINUX主机
2015-11-13 14:09
676 查看
最近想弄个Linux下批量传输拷贝部署远程服务器脚本
思路:1.与远程客户端建立等效性
2.拷贝数据、或者执行远程服务器命令
自动化等效性脚本如下:前提是安装expect这个包
================================================================
服务端生成自动生成rsa key
#!/usr/bin/expect
rm -rf root/.ssh/known_hosts
expect -c "
spawn ssh-keygen -t rsa
expect {
\"*id_rsa*\" {send \r;exp_continue}
\"*passphrase*\" {send \r;exp_continue}
\"*again*\" {send \r;exp_continue}
}
===============================================================
拷贝生成的key到远程服务器上
for p in $(cat /script/ip.txt)
do
ip=$(echo "$p"|cut -f1 -d":")
password=$(echo "$p"|cut -f2 -d":")
expect -c "
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip
expect {
\"*yes/no*\" {send \"yes\r\"; exp_continue}
\"*password*\" {send \"$password\r\"; exp_continue}
\"*Password*\" {send \"$password\r\";}
}
"
done
其中ip.txt内容格式为如下:
192.168.1.56:123456
===============================================================
执行服务端到客户端推送命令
for h in $(cat /script/ip.txt|cut -f1 -d":")
do
ssh root@$h "ls $dire"
dire="/tmp/test"
if [ $? -eq 0 ];
then
ssh root@$h rm -rf "$dire"
set timeout 300
ssh root@$h mkdir -p /tmp/test
fi
ssh root@$h touch lgl.txt
scp /root/CentOS-5.3-x86_64-bin-DVD.iso root@192.168.1.56:/home
set timeout 300
done
===============================================================
最后脚本如下:
[root@lgl script]# cat ssh.sh
#!/usr/bin/expect
rm -rf root/.ssh/known_hosts
expect -c "
spawn ssh-keygen -t rsa
expect {
\"*id_rsa*\" {send \r;exp_continue}
\"*passphrase*\" {send \r;exp_continue}
\"*again*\" {send \r;exp_continue}
}
"
for p in $(cat /script/ip.txt)
do
ip=$(echo "$p"|cut -f1 -d":")
password=$(echo "$p"|cut -f2 -d":")
expect -c "
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip
expect {
\"*yes/no*\" {send \"yes\r\"; exp_continue}
\"*password*\" {send \"$password\r\"; exp_continue}
\"*Password*\" {send \"$password\r\";}
}
"
done
for h in $(cat /script/ip.txt|cut -f1 -d":")
do
ssh root@$h "ls $dire"
dire="/tmp/test"
if [ $? -eq 0 ];
then
ssh root@$h rm -rf "$dire"
set timeout 300
ssh root@$h mkdir -p /tmp/test
fi
ssh root@$h touch lgl.txt
scp /root/CentOS-5.3-x86_64-bin-DVD.iso root@192.168.1.56:/home
set timeout 300
done
##################################################################
使用下例中ssky-keygen和ssh-copy-id,仅需通过3个步骤的简单设置而无需输入密码就能登录远程Linux主机。
ssh-keygen 创建公钥和密钥。
ssh-copy-id 把本地主机的公钥复制到远程主机的authorized_keys文件上。
ssh-copy-id 也会给远程主机的用户主目录(home)和~/.ssh, 和~/.ssh/authorized_keys设置合适的权限 。
步骤1: 用 ssh-key-gen
在本地主机上创建公钥和密钥
ligh@local-host$ ssh-keygen -t rsa
Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Pess enter key]
Your identification has been saved in /home/jsmith/.ssh/id_rsa.
Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
The key fingerprint is: 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9
ligh@local-host
步骤2: 用 ssh-copy-id
把公钥复制到远程主机上
ligh@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.3
ligh@remote-host‘s password:
Now try logging into the machine, with ―ssh ?remote-host‘‖, and check in:
.ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting.
[注: ssh-copy-id 把密钥追加到远程主机的 .ssh/authorized_key 上.]
步骤3: 直接登录远程主机
ligh@local-host$ ssh remote-host
Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
[注: SSH 不会询问密码.]
ligh@remote-host$
[注: 你现在已经登录到了远程主机上]
##################################
SSH的无密码登录
实现原理
使用一种被称为"公私钥"认证的方式来进行ssh登录. "公私钥"认证方式简单的解释是首先在客户端上创建一对公私钥
(公钥文件~/.ssh/id_rsa.pub; 私钥文件:~/.ssh/id_rsa)然后把公钥放到服务器上(~/.ssh/authorized_keys), 自己保留好私钥当ssh登录时,ssh程序会发送私钥去和服务器上的公钥做匹配.如果匹配成功就可以登录了
1.生成公私钥
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): 为了达到无密码登录,这里不输入任何的东西,如果输入了数据,则登录的时候就要输入现在的数据
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
8c:87:51:0c:05:e4:4a:6c:74:5f:eb:01:70:47:ea:ab root@httpd2.com
2.将生成的公钥发送到要控制的服务器的/root/.ssh/下
# scp /root/.ssh/id_rsa.pub 192.168.0.29:/root/.ssh/authorized_keys
Address 192.168.0.29 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
root@192.168.0.29's password:
id_rsa.pub 100% 397 0.4KB/s 00:00
3.实验无密码登录
# ssh 192.168.0.29
Address 192.168.0.29 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Last login: Thu Apr 14 15:07:40 2011 from 192.168.2.90
思路:1.与远程客户端建立等效性
2.拷贝数据、或者执行远程服务器命令
自动化等效性脚本如下:前提是安装expect这个包
================================================================
服务端生成自动生成rsa key
#!/usr/bin/expect
rm -rf root/.ssh/known_hosts
expect -c "
spawn ssh-keygen -t rsa
expect {
\"*id_rsa*\" {send \r;exp_continue}
\"*passphrase*\" {send \r;exp_continue}
\"*again*\" {send \r;exp_continue}
}
===============================================================
拷贝生成的key到远程服务器上
for p in $(cat /script/ip.txt)
do
ip=$(echo "$p"|cut -f1 -d":")
password=$(echo "$p"|cut -f2 -d":")
expect -c "
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip
expect {
\"*yes/no*\" {send \"yes\r\"; exp_continue}
\"*password*\" {send \"$password\r\"; exp_continue}
\"*Password*\" {send \"$password\r\";}
}
"
done
其中ip.txt内容格式为如下:
192.168.1.56:123456
===============================================================
执行服务端到客户端推送命令
for h in $(cat /script/ip.txt|cut -f1 -d":")
do
ssh root@$h "ls $dire"
dire="/tmp/test"
if [ $? -eq 0 ];
then
ssh root@$h rm -rf "$dire"
set timeout 300
ssh root@$h mkdir -p /tmp/test
fi
ssh root@$h touch lgl.txt
scp /root/CentOS-5.3-x86_64-bin-DVD.iso root@192.168.1.56:/home
set timeout 300
done
===============================================================
最后脚本如下:
[root@lgl script]# cat ssh.sh
#!/usr/bin/expect
rm -rf root/.ssh/known_hosts
expect -c "
spawn ssh-keygen -t rsa
expect {
\"*id_rsa*\" {send \r;exp_continue}
\"*passphrase*\" {send \r;exp_continue}
\"*again*\" {send \r;exp_continue}
}
"
for p in $(cat /script/ip.txt)
do
ip=$(echo "$p"|cut -f1 -d":")
password=$(echo "$p"|cut -f2 -d":")
expect -c "
spawn ssh-copy-id -i /root/.ssh/id_rsa.pub root@$ip
expect {
\"*yes/no*\" {send \"yes\r\"; exp_continue}
\"*password*\" {send \"$password\r\"; exp_continue}
\"*Password*\" {send \"$password\r\";}
}
"
done
for h in $(cat /script/ip.txt|cut -f1 -d":")
do
ssh root@$h "ls $dire"
dire="/tmp/test"
if [ $? -eq 0 ];
then
ssh root@$h rm -rf "$dire"
set timeout 300
ssh root@$h mkdir -p /tmp/test
fi
ssh root@$h touch lgl.txt
scp /root/CentOS-5.3-x86_64-bin-DVD.iso root@192.168.1.56:/home
set timeout 300
done
##################################################################
使用下例中ssky-keygen和ssh-copy-id,仅需通过3个步骤的简单设置而无需输入密码就能登录远程Linux主机。
ssh-keygen 创建公钥和密钥。
ssh-copy-id 把本地主机的公钥复制到远程主机的authorized_keys文件上。
ssh-copy-id 也会给远程主机的用户主目录(home)和~/.ssh, 和~/.ssh/authorized_keys设置合适的权限 。
步骤1: 用 ssh-key-gen
在本地主机上创建公钥和密钥
ligh@local-host$ ssh-keygen -t rsa
Enter file in which to save the key (/home/jsmith/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Pess enter key]
Your identification has been saved in /home/jsmith/.ssh/id_rsa.
Your public key has been saved in /home/jsmith/.ssh/id_rsa.pub.
The key fingerprint is: 33:b3:fe:af:95:95:18:11:31:d5:de:96:2f:f2:35:f9
ligh@local-host
步骤2: 用 ssh-copy-id
把公钥复制到远程主机上
ligh@local-host$ ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.3
ligh@remote-host‘s password:
Now try logging into the machine, with ―ssh ?remote-host‘‖, and check in:
.ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting.
[注: ssh-copy-id 把密钥追加到远程主机的 .ssh/authorized_key 上.]
步骤3: 直接登录远程主机
ligh@local-host$ ssh remote-host
Last login: Sun Nov 16 17:22:33 2008 from 192.168.1.2
[注: SSH 不会询问密码.]
ligh@remote-host$
[注: 你现在已经登录到了远程主机上]
##################################
SSH的无密码登录
实现原理
使用一种被称为"公私钥"认证的方式来进行ssh登录. "公私钥"认证方式简单的解释是首先在客户端上创建一对公私钥
(公钥文件~/.ssh/id_rsa.pub; 私钥文件:~/.ssh/id_rsa)然后把公钥放到服务器上(~/.ssh/authorized_keys), 自己保留好私钥当ssh登录时,ssh程序会发送私钥去和服务器上的公钥做匹配.如果匹配成功就可以登录了
1.生成公私钥
# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): 为了达到无密码登录,这里不输入任何的东西,如果输入了数据,则登录的时候就要输入现在的数据
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
8c:87:51:0c:05:e4:4a:6c:74:5f:eb:01:70:47:ea:ab root@httpd2.com
2.将生成的公钥发送到要控制的服务器的/root/.ssh/下
# scp /root/.ssh/id_rsa.pub 192.168.0.29:/root/.ssh/authorized_keys
Address 192.168.0.29 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
root@192.168.0.29's password:
id_rsa.pub 100% 397 0.4KB/s 00:00
3.实验无密码登录
# ssh 192.168.0.29
Address 192.168.0.29 maps to localhost, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Last login: Thu Apr 14 15:07:40 2011 from 192.168.2.90
相关文章推荐
- eclipse在Linux下的安装配置maven
- linux下mysql的表名问题
- Linux开机自启动与用户登录自启动
- centos install android sdk
- Linux系统最近重启时间、错误日志
- teamview linux命令行安装参数
- linux进程相关函数
- 每日一Linux命令
- linux crontab 命令详解
- Linux系统Java连接Mysql数据库
- linux错误2002
- Mr. Process的一生-Linux内核的社会视角 (2)启动
- Linux新建用户,切换后只显示$问题
- 韩顺平Linux笔记(十三)——Mysql数据库在linux下的使用
- Mr. Process的一生-Linux内核的社会视角 (1)调度
- 修改linux系统默认字符编码
- 刚安装完Linux不能上网问题!
- linux IP 设置
- 虚拟机下Linux虚拟机克隆后导致克隆体不能上网问题!
- Linux环境进程间通信(五): 共享内存(上)