标签:one script zed 用户名 which scp 复制 add 密码
例1:
从本机自动登录到远程机器192.168.1.200(端口是22,密码是:PASSWORD)
登录到远程机器后做以下几个操作:
1)useradd wangshibo
2)mkdir /opt/test
3) exit自动退出
[root@xw4 tmp]# cat test-ssh.sh #!/bin/bash passwd=‘PASSWORD‘ /usr/local/bin/expect <<-EOF set time 30 spawn ssh -p22 root@192.168.1.201 expect { "*yes/no" { send "yes\r"; exp_continue } "*password:" { send "$passwd\r" } } expect "*#" send "useradd wangshibo\r" expect "*#" send "mkdir /opt/test\r" expect "*#" send "exit\r" interact expect eof EOF [root@xw4 tmp]# sh test.sh spawn ssh -p22 root@192.168.1.201 root@192.168.1.201‘s password: Last login: Fri Sep 23 16:21:20 2016 from 192.168.1.23 [root@vm-002 ~]# useradd wangshibo [root@vm-002 ~]# mkdir /opt/test [root@vm-002 ~]# [root@xw4 tmp]#
例2:我们在部署无密码访问时,手工建立ssh互信需要好几个步骤,并且中途人工交互(输入密码等),如果机器数目多,则很繁琐!
下面方法用于自动化生成authorized_keys,免去了手工数据.
方法: 利用expect编写sshkey.exp在远程主机上生成id_rsa,并重定向到本地.在利用noscp.exp.把文件复制到远程主机
为了节省自己的时间,可以写个expect自动化脚本,分享如下:
(1) 如上expect安装后的路径是: [root@xw4 ~]# which expect /usr/local/bin/expect (2) 做个expect执行文件的软件 [root@xw4 ~]# ln -s /usr/local/bin/expect /usr/bin/expect [root@xw4 ~]# ll /usr/bin/expect (3) 编写expect脚本: ----------------------------------------------------------------------------------- 1) [root@xw4 ~]# cat sshkey.exp #!/usr/bin/expect #sshkey.exp if {$argc<3} { puts stderr "Usage: $argv0 host user passwd " exit 1 } set host [ lindex $argv 0 ] set user [ lindex $argv 1 ] set pwd [ lindex $argv 2 ] set timeout 30 #spawn ssh ${user}@${host} "rm -rf ~/.ssh/id_rsa*" # #expect { # "*yes/no" { send "yes\r"; exp_continue } # "*password:" { send "$pwd\r"; exp_continue } #} spawn ssh ${user}@${host} "ssh-keygen -t rsa" expect { "*yes/no" { send "yes\r"; exp_continue } "*password:" { send "$pwd\r"; exp_continue } "Enter file in which to save the key*" { send "\n\r"; exp_continue } "Overwrite*" { send "y\n"; exp_continue } "Enter passphrase (empty for no passphrase):" { send "\n\r"; exp_continue } "Enter same passphrase again:" { send "\n\r" } } spawn ssh ${user}@${host} "cat ~/.ssh/id_rsa.pub" expect { "*yes/no" { send "yes\r"; exp_continue } "*password:" { send "$pwd\r" } } expect eof ---------------------------------------------------------------------------------------------------- 2) [root@xw4 ~]# cat noscp.exp #!/usr/bin/expect #noscp.exp if {$argc<4} { puts stderr "Usage: $argv0 localfile remotefile user passwd " exit 1 } set localfile [ lindex $argv 0 ] set remotefile [ lindex $argv 1 ] set user [ lindex $argv 2 ] set pwd [ lindex $argv 3 ] set timeout 30 spawn scp ${localfile} ${user}@${remotefile} expect { "*yes/no" { send "yes\r"; exp_continue } "*password:" { send "$pwd\r" } } expect eof ------------------------------------------------------------------------ [root@xw4 ~]# chmod 755 sshkey.exp [root@xw4 ~]# chmod 755 noscp.exp (4) 脚本说明 ./sshkey.exp 主机名 用户名 密码 (在远程主机生成id_rsa) ./noscp.exp 本地文件 远程路径 远程用户密码 (无密码拷贝文件) (5)验证: [root@xw4 ~]# ./sshkey.exp 192.168.1.201 root PASSWORD |grep ssh-rsa >> ~/.ssh/authorized_keys [root@xw4 ~]# ./noscp.exp ~/.ssh/authorized_keys 192.168.1.201:~/.ssh root PASSWORD spawn scp /root/.ssh/authorized_keys root@192.168.1.201:~/.ssh root@192.168.1.201‘s password: authorized_keys 这样,就能无密码登陆了! [root@xw4 ~]# ssh 192.168.1.201 Last login: Fri Sep 23 18:33:21 2016 from 192.168.1.7 [root@vm-002 ~]# -------------------------------------------------------------------------- 如果是多台机器的话,可以结合shell脚本进行批量执行 [root@xw4 ~]# cat /root/ip.list 192.168.1.100 192.168.1.101 192.168.1.102 192.168.1.103 192.168.1.104 ...... ...... [root@xw4 ~]# cat sshkey.sh #!/bin/bash user=‘root‘ password=‘PASSWORD‘ for ip in `cat /root/ip.list` do /root/sshkey.exp $ip $user $password |grep ssh-rsa >> ~/.ssh/authorized_keys /root/noscp.exp ~/.ssh/authorized_keys $user@$ip:~/.ssh root PASSWORD done
dispatch_copy.exp
#! /usr/local/bin/expect if { $argc != 3 } { send_user "usage :expect dispatch_sshkey.expect file host dest \n" } #define var set timeout 3 set file [lindex $argv 0] set host [lindex $argv 1] set dest [lindex $argv 2] set password "hhh" #spawn scp /home/omc/2017-08-23 root@192.168.25.137:/home/omc #spawn scp -P11544 $file root@$host:$dir #spawn ssh-copy-id -i $file "-p 11544 root@$host:$dir" #spawn ssh-copy-id -i .ssh/id_dsa.pub omc@192.168.25.137 spawn scp $file oldgirl@$host:$dest expect of { #timeout 1 "yes/no" {send "yes\r"} "*password" {send "$password\r"} timeout {puts "Expect was timeout please contact ftl at XXXXX"; return} } exit -onexit { send_user "good bye!! see you \n" }
dispatch-sshkey.exp
#! /usr/local/bin/expect if { $argc !=2 } { send_user "usage :expect dispatch_sshkey.expect file host \n" exit } #define var set file [lindex $argv 0] set host [lindex $argv 1] set password "hhh" #spawn scp /home/omc/2017-08-23 root@192.168.25.137:/home/omc #spawn scp -P11544 $file root@$host:$dir #spawn ssh-copy-id -i $file "-p 11544 root@$host:$dir" #spawn ssh-copy-id -i .ssh/id_dsa.pub omc@192.168.25.137 spawn ssh-copy-id -i $file oldgirl@$host expect { "yes/no" {send "yes\r";exp_continue} "*password" {send "$password\r"} } expect eof
dispatch-sshkey2.exp[更完善]
#! /usr/local/bin/expect if { $argc !=2 } { send_user "usage :expect dispatch_sshkey.expect file host \n" exit } #define var set timeout 1 set file [lindex $argv 0] set host [lindex $argv 1] set password "hhh" #spawn scp /home/omc/2017-08-23 root@192.168.25.137:/home/omc #spawn scp -P11544 $file root@$host:$dir #spawn ssh-copy-id -i $file "-p 11544 root@$host:$dir" #spawn ssh-copy-id -i .ssh/id_dsa.pub omc@192.168.25.137 spawn ssh-copy-id -i $file oldgirl@$host expect { #timeout 1 "yes/no" {send "yes\r";exp_continue} "*password" {send "$password\r"} timeout {puts "Expect was timeout "; return} } expect eof exit -onexit { exec rm $tmpfile send_user "good bye\n" }
标签:one script zed 用户名 which scp 复制 add 密码
原文地址:https://www.cnblogs.com/ftl1012/p/expect2.html