ssh客户端 [lsc888@m01 ~]$ ssh-keygen -t dsa -P ‘‘ -f ~/.ssh/id_dsa Generating public/private dsa key pair. eated directory ‘/home/lsc888/.ssh‘. Your identification has been saved in /home/lsc888/.ssh/id_dsa. Your public key has been saved in /home/lsc888/.ssh/id_dsa.pub. The key fingerprint is: c0:bf:19:01:a0:63:fa:be:68:f2:5c:8f:c9:f3:57:56 lsc888@m01 The key‘s randomart image is: +--[ DSA 1024]----+ | ... | | . . . | | + o . | | o . o . E | |. S . | | . +o | | . . oo | |.= o.+ . | |+.=.+oo. | +-----------------+ [lsc888@m01 ~]$ ls .ssh/* .ssh/id_dsa .ssh/id_dsa.pub [lsc888@m01 ~]$ ssh-copy-id -i ~/.ssh/id_dsa.pub "-p 52113 lsc888@172.16.1."^C [lsc888@m01 ~]$ vim test1.sh #!/bin/sh . /etc/init.d/functions for n in 41 31 do ssh-copy-id -i ~/.ssh/id_dsa.pub "-p 52113 lsc888@172.16.1.$n" >/dev/null 2>&1 if [ $? -eq 0 ];then action "dis pub key $n" /bin/true else action "dis pub key $n" /bin/false fi done ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ "test1.sh" [New] 11L, 244C written [lsc888@m01 ~]$ sh test1.sh The authenticity of host ‘[172.16.1.41]:52113 ([172.16.1.41]:52113)‘ can‘t be established. RSA key fingerprint is 51:d8:76:cb:af:c0:2b:bf:cf:66:a9:11:e5:1c:07:9b. Are you sure you want to continue connecting (yes/no)? yes lsc888@172.16.1.41‘s password: dis pub key 41 [ OK ] The authenticity of host ‘[172.16.1.31]:52113 ([172.16.1.31]:52113)‘ can‘t be established. RSA key fingerprint is 51:d8:76:cb:af:c0:2b:bf:cf:66:a9:11:e5:1c:07:9b. Are you sure you want to continue connecting (yes/no)? yes lsc888@172.16.1.31‘s password: dis pub key 31 [ OK ] [lsc888@m01 ~]$ ssh -p 52113 lsc888@172.16.1.41 /bin/touch ~/41.txt [lsc888@m01 ~]$ ssh -p 52113 lsc888@172.16.1.31 /bin/touch ~/31.txt [lsc888@m01 ~]$ 41服务端 [lsc888@backup ~]$ ls 41.txt [lsc888@backup ~]$ 31服务端 [lsc888@nfs01 ~]$ ls 31.txt [lsc888@nfs01 ~]$
客户端(反) [lsc888@m01 ~]$ ssh-keygen -t dsa -P ‘‘ -f ~/.ssh/id_dsa Generating public/private dsa key pair. Created directory ‘/home/lsc888/.ssh‘. Your identification has been saved in /home/lsc888/.ssh/id_dsa. Your public key has been saved in /home/lsc888/.ssh/id_dsa.pub. The key fingerprint is: 40:e7:a0:91:e0:60:d1:a9:55:91:8e:18:d0:3b:57:67 lsc888@m01 The key‘s randomart image is: +--[ DSA 1024]----+ |+++.++= . | |.+.+.=.+E | | *.+..o. | | oo... . | | o S | | | | | | | | | +-----------------+ [lsc888@m01 ~]$ ls .ssh/ id_dsa id_dsa.pub [lsc888@m01 ~]$ scp -P 52113 ~/.ssh/id_dsa lsc888@172.16.1.41:~/.ssh The authenticity of host ‘[172.16.1.41]:52113 ([172.16.1.41]:52113)‘ can‘t be established. RSA key fingerprint is 51:d8:76:cb:af:c0:2b:bf:cf:66:a9:11:e5:1c:07:9b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘[172.16.1.41]:52113‘ (RSA) to the list of known hosts. lsc888@172.16.1.41‘s password: id_dsa 100% 664 0.7KB/s 00:00 [lsc888@m01 ~]$ scp -P 52113 ~/.ssh/id_dsa lsc888@172.16.1.31:~/.ssh The authenticity of host ‘[172.16.1.31]:52113 ([172.16.1.31]:52113)‘ can‘t be established. RSA key fingerprint is 51:d8:76:cb:af:c0:2b:bf:cf:66:a9:11:e5:1c:07:9b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘[172.16.1.31]:52113‘ (RSA) to the list of known hosts. lsc888@172.16.1.31‘s password: id_dsa 100% 664 0.7KB/s 00:00 [lsc888@m01 ~]$ ssh-copy-id -i ~/.ssh/id_dsa.pub "-p 52113 lsc888@172.16.1.8" The authenticity of host ‘[172.16.1.8]:52113 ([172.16.1.8]:52113)‘ can‘t be established. RSA key fingerprint is 51:d8:76:cb:af:c0:2b:bf:cf:66:a9:11:e5:1c:07:9b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘[172.16.1.8]:52113‘ (RSA) to the list of known hosts. lsc888@172.16.1.8‘s password: Now try logging into the machine, with "ssh ‘-p 52113 lsc888@172.16.1.8‘", and check in: .ssh/authorized_keys to make sure we haven‘t added extra keys that you weren‘t expecting. [lsc888@m01 ~]$ cat .ssh/id_dsa.pub >authorized_keys [lsc888@m01 ~]$ cd .ssh/ [lsc888@m01 .ssh]$ ls id_dsa id_dsa.pub known_hosts [lsc888@m01 .ssh]$ cd .. [lsc888@m01 ~]$ ls authorized_keys test1.sh [lsc888@m01 ~]$ mv authorized_keys /tmp/ [lsc888@m01 ~]$ [lsc888@m01 ~]$ 41服务端 [lsc888@backup ~]$ mkdir .ssh [lsc888@backup ~]$ ls -a . .. 41.txt .bash_logout .bash_profile .bashrc .ssh [lsc888@backup ~]$ ls .ssh/ id_dsa [lsc888@backup ~]$ ssh -p 52113 lsc888@172.16.1.61 The authenticity of host ‘[172.16.1.61]:52113 ([172.16.1.61]:52113)‘ can‘t be established. RSA key fingerprint is 51:d8:76:cb:af:c0:2b:bf:cf:66:a9:11:e5:1c:07:9b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘[172.16.1.61]:52113‘ (RSA) to the list of known hosts. lsc888@172.16.1.61‘s password: [lsc888@m01 ~]$ logout Connection to 172.16.1.61 closed. [lsc888@backup ~]$ ssh -p 52113 lsc888@172.16.1.61 lsc888@172.16.1.61‘s password: Last login: Sat May 7 14:22:26 2016 from 172.16.1.41 [lsc888@m01 ~]$ 31服务端 [lsc888@nfs01 ~]$ mkdir .ssh [lsc888@nfs01 ~]$ ls -a . .. 31.txt .bash_logout .bash_profile .bashrc .ssh [lsc888@nfs01 ~]$ ssh -p 52113 lsc888@172.16.1.61 The authenticity of host ‘[172.16.1.61]:52113 ([172.16.1.61]:52113)‘ can‘t be established. RSA key fingerprint is 51:d8:76:cb:af:c0:2b:bf:cf:66:a9:11:e5:1c:07:9b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘[172.16.1.61]:52113‘ (RSA) to the list of known hosts. lsc888@172.16.1.61‘s password: Last login: Sat May 7 14:23:14 2016 from 172.16.1.41 [lsc888@m01 ~]$
批量分发文件到B、C用户的家目录(借助1的结果)
客户端 [lsc888@m01 ~]$ mkdir test3 [lsc888@m01 ~]$ echo "have a good day" >test3/test3.txt [lsc888@m01 ~]$ cat test3 test3/ test3.sh [lsc888@m01 ~]$ cat test3/test3.txt have a good day [lsc888@m01 ~]$ vim test3.sh #distribute files to the home directories of BC . /etc/init.d/functions for n in 41 31 do scp -P 52113 -rp ~/test3 lsc888@172.16.1.$n:~ if [ $? -eq 0 ];then action "distributing files" /bin/true else action "distributing files" /bin/false fi done ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ "test3.sh" 11L, 259C written [lsc888@m01 ~]$ sh test3.sh lsc888@172.16.1.41‘s password: test3.txt 100% 16 0.0KB/s 00:00 distributing files [ OK ] lsc888@172.16.1.31‘s password: test3.txt 100% 16 0.0KB/s 00:00 distributing files [ OK ] [lsc888@m01 ~]$ 41服务端 [lsc888@backup ~]$ ls 41.txt test3 [lsc888@backup ~]$ 31服务端 [lsc888@nfs01 ~]$ ls 31.txt test3 [lsc888@nfs01 ~]$
客户端。 echo “lsc888 ALL=(ALL) NOPASSWD: /usr/bin/rsync” >>/etc/sudoers [root@m01 ~]# visudo -c /etc/sudoers: parsed OK [root@m01 ~]# su - lsc888 [lsc888@m01 ~]$ ls test1.sh test3 test3.sh [lsc888@m01 ~]$ mkdir IloveU [lsc888@m01 ~]$ echo "I Love U" >IloveU/test4.txt [lsc888@m01 ~]$ rsync -avz IloveU/test4.txt -e ‘ssh -p 52113‘ lsc888@172.16.1.41:~ lsc888@172.16.1.41‘s password: sending incremental file list test4.txt sent 100 bytes received 31 bytes 29.11 bytes/sec total size is 9 speedup is 0.07 [lsc888@m01 ~]$ rsync -avz IloveU/test4.txt -e ‘ssh -p 52113‘ lsc888@172.16.1.41:~ sending incremental file list test4.txt sent 100 bytes received 31 bytes 262.00 bytes/sec total size is 9 speedup is 0.07 [lsc888@m01 ~]$ 41服务端 echo “lsc888 ALL=(ALL) NOPASSWD: /usr/bin/rsync” >>/etc/sudoers [lsc888@backup ~]$ ls 41.txt test3 test4.txt [lsc888@backup ~]$ 31服务端 echo “lsc888 ALL=(ALL) NOPASSWD: /usr/bin/rsync” >>/etc/sudoers [lsc888@nfs01 ~]$ ls 31.txt test3 test4.txt [lsc888@nfs01 ~]$
iplist.txt
客户端
[lsc888@m01 ~]$ vim test5.sh #5th for n in 41 31 do echo ==============load of $n============= ssh -p 52113 lsc888@172.16.1.$n /usr/bin/uptime echo ==============memory of $n============= ssh -p 52113 lsc888@172.16.1.$n /usr/bin/free -m echo ==============CPU info of $n============= ssh -p 52113 lsc888@172.16.1.$n /bin/cat /proc/meminfo done ~ ~ ~ "test5.sh" 10L, 339C written [lsc888@m01 ~]$ sh test5.sh ==============load of 41============= 14:42:30 up 1 day, 22:03, 1 user, load average: 0.00, 0.00, 0.00 ==============memory of 41============= total used free shared buffers cached Mem: 475 385 90 0 94 124 -/+ buffers/cache: 166 308 Swap: 767 0 767 ==============CPU info of 41============= MemTotal: 486640 kB MemFree: 92456 kB Buffers: 96836 kB Cached: 127084 kB SwapCached: 0 kB …… DirectMap1G: 0 kB ==============load of 31============= 14:46:31 up 1 day, 22:07, 1 user, load average: 0.08, 0.02, 0.01 ==============memory of 31============= total used free shared buffers cached Mem: 475 424 50 0 82 188 -/+ buffers/cache: 152 322 Swap: 767 0 767 ==============CPU info of 31============= MemTotal: 486640 kB MemFree: 52196 kB Buffers: 84592 kB Cached: 193508 kB …… DirectMap1G: 0 kB [lsc888@m01 ~]$
postfix的服务器的反向解析;屏蔽。
[lsc888@m01 ~]$ cat test6.sh #!/bin/sh . /etc/init.d/functions #1.product key pair ssh-keygen -t dsa -P ‘‘ -f ~/.ssh/id_dsa >/dev/null 2>&1 if [ $? -eq 0 ];then action "create dsa $ip" /bin/true else action "create dsa $ip" /bin/false exit 1 fi #2.dis pub key for ip in 31 41 do expect fenfa_sshkey.exp ~/.ssh/id_dsa.pub 172.16.1.$ip >/dev/null 2>&1 if [ $? -eq 0 ];then action "$ip" /bin/true else action "$ip" /bin/false exit fi done #3.dis fenfa scripts for n in 31 41 do scp -P 52113 -rp ~/hosts lsc888@172.16.1.$n:~ if [ $? -eq 0 ];then echo 172.16.1.$n success |tee succeed.info mail -s "dis hosts succeed" 18763995975@163.com <succeed.info else echo 172.16.1.$n failed |tee error.info mail -s "dis hosts failed" 18763995975@163.com <error.info exit fi done [lsc888@m01 ~]$ [lsc888@m01 ~]$ sh test6.sh create dsa [ OK ] 31 [ OK ] 41 [ OK ] hosts 100% 37 0.0KB/s 00:00 172.16.1.31 success hosts 100% 37 0.0KB/s 00:00 172.16.1.41 success [lsc888@m01 ~]$
加入定时任务
[lsc888@m01 ~]$ crontab -e no crontab for lsc888 - using an empty one #distribute hosts to all servers every minutes 00 * * * * /bin/sh /home/lsc888/test6.sh >/dev/null 2>&1 ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ "/tmp/crontab.RwgNV8" 2L, 104C written crontab: installing new crontab [lsc888@m01 ~]$ crontab -l #distribute hosts to all servers every minutes 00 * * * * /bin/sh /home/lsc888/test6.sh >/dev/null 2>&1 [lsc888@m01 ~]$
[lsc888@m01 ~]$ cat fenfa_sshkey.exp
#!/usr/bin/expect
if { $argc != 2 } {
send_user "usage: expect fenfa_sshkey.exp file host\n"
exit
}
#define var
set file [lindex $argv 0]
set host [lindex $argv 1]
set password "123456"
#spawn scp /etc/hosts root@10.0.0.142:/etc/hosts
#spawn scp -P52113 $file oldboy@$host:$dir
spawn ssh-copy-id -i $file "-p 52113 lsc888@$host"
expect {
"yes/no" {send "yes\r";exp_continue}
"*password" {send "$password\r"}
}
expect eof
exit -onexit {
send_user "Oldboy say good bye to you!\n"
}
[lsc888@m01 ~]$
检查41服务端
[lsc888@backup ~]$ ls
172.16.1.61 41.txt hosts test3 test4.txt test7
[lsc888@backup ~]$ cat hosts
hosts for test; then have a good day
[lsc888@backup ~]$
检查31服务端
[lsc888@nfs01 ~]$ ls
172.16.1.61 31.txt hosts test3 test4.txt
[lsc888@nfs01 ~]$ cat hosts
hosts for test; then have a good day
[lsc888@nfs01 ~]$
scp与rsync都可以执行!
服务器端写两个脚本推到客户端,然后由客户端做最后的校验并发送邮件。
在普通用户的状态下,sudo command … … …
[lsc888@m01 ~]$ cat test7.sh
#test 7
Time=$(date +%F-%w)
IP=$(ifconfig eth1|awk -F"(addr:)|( Bcast)" ‘NR==2{print $2}‘)
Path=/home/lsc888
mkdir -p ${Path}/${IP}
for n in 41 31
do
mkdir -p ${Path}/${IP}/172.16.1.$n
scp -P 52113 -rp lsc888@172.16.1.$n:~ ${Path}/${IP}/172.16.1.$n >/dev/null 2>&1
if [ $? -eq 0 ];then
echo backup 172.16.1.$n succeed |tee ${Path}/succeed.info
mail -s "backup 172.16.1.$n succeed" 18763995975@163.com <${Path}/succeed.info
else
echo backup 172.16.1.$n failed |tee ${Path}/error.info
mail -s "backup 172.16.1.$n failed" 18763995975@163.com <${Path}/error.info
exit
fi
done
加入定时任务
[lsc888@m01 ~]$ crontab -l
#backup B,C to A
00 00 * * * /bin/sh /home/lsc888/test7.sh >/dev/null 2>&1
第八题***
auto_deploy.sh
#!/bin/sh
. /etc/init.d/functions
#1.product key pair
ssh-keygen -t dsa -P ‘‘ -f ~/.ssh/id_dsa >/dev/null 2>&1
if [ $? -eq 0 ];then
action "create dsa $ip" /bin/true
else
action "create dsa $ip" /bin/false
exit 1
fi
#2.dis pub key
for ip in 8 31 41
do
expect fenfa_sshkey.exp ~/.ssh/id_dsa.pub 172.16.1.$ip >/dev/null 2>&1
if [ $? -eq 0 ];then
action "$ip" /bin/true
else
action "$ip" /bin/false
fi
done
#3.dis fenfa scripts
for n in 8 31 41
do
scp -P 52113 -rp ~/scripts gongli@172.16.1.$n:~
done
#3.install service
for m in 8 31 41
do
ssh -t -p 52113 gongli@172.16.1.$m sudo /bin/bash ~/scripts/install.sh
done
fenfa_sshkey.exp
#!/usr/bin/expect
if { $argc != 2 } {
send_user "usage: expect fenfa_sshkey.exp file host\n"
exit
}
#define var
set file [lindex $argv 0]
set host [lindex $argv 1]
set password "123456"
#spawn scp /etc/hosts root@10.0.0.142:/etc/hosts
#spawn scp -P52113 $file oldboy@$host:$dir
spawn ssh-copy-id -i $file "-p 52113 gongli@$host"
expect {
"yes/no" {send "yes\r";exp_continue}
"*password" {send "$password\r"}
}
expect eof
exit -onexit {
send_user "Oldboy say good bye to you!\n"
}
install.sh
yum install vsftpd -y
本文出自 “Passionie” 博客,谢绝转载!
原文地址:http://passionie.blog.51cto.com/4365049/1771978
