今天主要介绍在Linux中如何批量建立SSH免密码的过程,仅供参考。一、批量搭建ssh私钥认证1、编译安装expectexpect依赖tcl,而tcl在linux系统中一般没有安装,需要手动安装。(1)安装tclcd/opt/tcl8.4.11/unix./configuremake&&makeinstall(2)安装expectcdexpect-5.43.0./configure--with-tclinclude=/opt/tcl8.4.11/generic--with-tclconfig=/usr/local/lib/make&&makeinstall(3)测试2.主终端生成公钥,执行ssh-keygen。该命令默认会在~/.ssh/目录下创建两个文件id_rsa和id_rsa.pub,分别是公钥和私钥ssh-keygencat/root/.ssh/id_rsa.pub>>/root/。ssh/authorized_keys3.下面的相关脚本放在/root目录下(1)ip.txt注意前面是IP,后面是密码。使用冒号:拆分,如果密码有冒号,建议单独处理IP:password(2)remote_operate.sh#!/bin/bash#copyrightbyhwbif[!-d/root/.ssh];thenmkdir/root/.sshficat/tmp/authorized_keys>>/root/.ssh/authorized_keys(3)batch_sshkey.sh#!/bin/bash#copyrightbyhwbforiin`catip.txt`doip=$(echo"$i"|cut-f1-d":")password=$(echo"$i"|cut-f2-d":")expect-c"spawnscp/root/.ssh/authorized_keys/root/remote_operate.shroot@$ip:/tmp/expect{\"*是/否*\"{发送\"是\r\";exp_continue}\"*密码*\"{发送\"$密码\r\";exp_continue}\"*密码*\"{send\"$password\r\";}}"expect-c"spawnsshroot@$ip"/tmp/remote_operate.sh"expect{\"*yes/no*\"{send\"yes\r\";exp_continue}\"*password*\"{send\"$password\r\";exp_continue}\"*Password*\"{send\"$password\r\";}}"done4.执行脚本并测试运行batch_sshkey.sh脚本
