ssh 免密码登录自动化配置脚本第二版(支持特殊字符密码)

目的

一键式配置集群节点间免密码登录

实现

vim ~/nonpassword

脚本内容:

#!/bin/sh

# all node names
NODES=()  
# all node password 
PASS=$1 
###### Validation args length
nodes_length=$(($# - 1))
if [[ ss -gt 0 ]];then
  echo "Exit: At least two parameters, eg: your_password node1"
  exit 2 
fi
###### Get all node name 
i=0
for node in $*
do
   if [[ i -gt 0 ]]; then
     j=$((i - 1)) 
     NODES[j]=$node
   fi
   let i++
done
MASTER=`hostname`

yum -y install expect

function scp_cmd(){

user_and_host=$1
password=$2
path=$3
/usr/bin/expect <<-EOF
set timeout 20

spawn scp $path $user_and_host:$path
expect {
    "password" {send "$password\r";}
    "yes/no" {send "yes\r";exp_continue}
}
expect eof
EOF
}

###################################
function ssh_cmd0(){
user_and_host=$1
password=$2
cmd=$3
/usr/bin/expect <<-EOF
set timeout 5
spawn ssh $user_and_host
expect {
"yes/no" { send "yes\r";exp_continue }
"password" { send "$password\r" }
}
expect "#"  
send "$cmd\r"
expect "#" 
exit 0
interact
EOF
}

function ssh_cmd(){
    ssh_cmd0 "$1" "$2" "echo 'start_mark';$3 ;echo 'end_mark'" | sed -n '/^start_mark/,/^end_mark/p'|grep -Ev '(^start_mark|^end_mark)'
}
function ssh_cmd2(){
    ssh_cmd0 "$1" "$2" "$3 ;" 
}
function escape_expect(){
    words=$1
    escaped=""
    for i in $(seq 1 ${#words})
    do
        w=${words:i-1:1}
        case $w in
        '\' )
            w='\x5C'
        ;;
        '}' )
            w='\x7D'
        ;;
        '[' )
            w='\x5B'
        ;;
        '$' )
            w='\x24'
        ;;
        '`' )
            w='\x60'
        ;;
        '"' )
            w='\x22'
        ;;
        esac
        escaped="$escaped$w"
    done
    echo "$escaped"
}
PASS=`escape_expect $PASS`
###### Create all nodes authorized_keys, And collection to master.
echo "" > ~/.ssh/authorized_keys
echo "" > ~/.ssh/known_hosts

for s in ${NODES[@]}
do
  echo -e "\nSTART:: Slave node ($s) generates id_rsa.pub and sends master node ($MASTER)"
  
  ssh_cmd "root@$s" "$PASS" "rm -f ~/.ssh/id_rsa; ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa"
  ssh_cmd "root@$s" "$PASS" "cat ~/.ssh/id_rsa.pub"  >> ~/.ssh/authorized_keys
  
  echo "DONE:: Slave node ($s) generates id_rsa.pub and send to master node ($MASTER)" 
done
###### Copy collectioned authorized_keys to all nodes.
echo -e "\n######################### SENDING authorized_keys TO ALL NODE #########################"
for s in ${NODES[@]}
do
  echo -e "\nSTART:: Master node ($MASTER)  send ALL id_rsa.pub(authorized_keys) to slave node ($s)"    
 
  scp_cmd  "root@$s" "$PASS" '/root/.ssh/authorized_keys'
    
  echo -e "DONE:: Master node ($MASTER)  send ALL id_rsa.pub(authorized_keys) to slave node ($s)\n"   
done
echo "Complete!"
chmod +x ~/nonpassword

用法

脚本用法:

~/nonpassword <password> <node1> <node2>

password:是指所有的节点的登录密码,要求所有节点必须是相同的密码。

具体用例:


~/nonpassword 'mypassoword' node1 node2 node3

执行成功后,就可以在 node1、node2 和 node3 之间免密码登录了,比如已经登上了 node1,然后要登录 node2,可直接在 node1 上执行命令:

ssh node2

即可。