1. My Blog
Blog Park https://www.cnblogs.com/piggybaba/
Personal website: http://piggybaba.cn
GitHub https://github.com/AndyYHM/Writing/
2. Introduction
Abstract: under Linux, automatically create SSH mutual trust script
Author: andy_yhm@yeah.net
Date: 20181225
Keywords: Shell script, SSH, SSH trust, auto, SSH mutual trust, / bin/bash
3. Script output effect
On a single node, user python, after executing the script, input the user password of three nodes python, and automatically create SSH mutual trust relationship
$ sh SSH_Trust.sh /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys python@node11's password: /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys python@node12's password: /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys python@node13's password: Transfer authorized_keys authorized_keys 100% 1185 1.2KB/s 00:00 known_hosts 100% 537 0.5KB/s 00:00 authorized_keys 100% 1185 1.2KB/s 00:00 known_hosts 100% 537 0.5KB/s 00:00
4. Function description
- By default, 3-node automation is supported to create SSH mutual trust relationship
- Support multi node automation to create SSH mutual trust relationship
5. Instructions
- You need to edit the / etc/hosts file in advance
- User name all hosts set to consistent
- Edit the "config to do" section of the script, node hostname and user name before use
- The othernodes parameter should be separated by a space;
- After executing the script, you need to input the passwords of node users one by one
- If the number of host nodes is large, it is recommended to use expect tool and edit the script separately;
6. Script content
#!/usr/bin/env bash
#########################################
# Author: andy_yhm@yeah.net
# Date: 20181225
# Key word: shell script, SSH, SSH trust, auto, SSH mutual trust, / bin/bash
#########################################
#
## Config to do
#
node1=node11
node2=node12
node3=node13
othernodes=
user=test
#
## Please Don't edit content below
#
ssh-keygen -q -P "" -f $HOME/.ssh/id_rsa > /dev/null
for node in ${node1} ${node2} ${node3} ${othernodes}
do
if [ "`hostname`" == "$node" ]; then
ssh-copy-id -o stricthostkeychecking=no $user@$node > /dev/null
else
ssh-copy-id -o stricthostkeychecking=no python@$node > /dev/null
ssh $node 'ssh-keygen -q -P "" -f $HOME/.ssh/id_rsa' > /dev/null
scp -rp $node:$HOME/.ssh/id_rsa.pub ./auth.$node > /dev/null
fi
done
cat ./auth.* >> $HOME/.ssh/authorized_keys
rm -rf ./auth.*
echo "Transfer authorized_keys"
for node in ${node1} ${node2} ${node3} ${othernodes}
do
if [ "`hostname`" != "$node" ]; then
scp -rp $HOME/.ssh/authorized_keys $node:$HOME/.ssh/authorized_keys
scp -rp $HOME/.ssh/known_hosts $node:$HOME/.ssh/known_hosts
fi
done
exit 0