利用expect的交互功能,自动配置信任机器之间的信任关系。
代码里会判断机器是否生成了秘钥,如果没有生成过,则自动帮助你执行 ssh-keygen
1 #!/bin/sh 2 3 expect_ssh_copy_id() 4 { 5 if [ "$#" -ne "5" ]; then 6 echo "expect_ssh_copy_id <remoteUser> <remoteHostname> <password> <localUserhome> <timeout>"; 7 exit 1; 8 fi 9 local remoteUser=$1 10 local remoteHostname=$2 11 local password=$3 12 local localUserhome=$4 13 local timeout=$5 14 15 expect -c " 16 set timeout $timeout 17 spawn ssh-copy-id -i $localUserhome/.ssh/id_rsa.pub $remoteUser@$remoteHostname 18 expect { 19 \"*yes/no\" { send \"yes\r\"; exp_continue } 20 \"*assword:\" { send \"$password\r\" } 21 } 22 expect eof 23 " 24 25 } 26 27 expect_ssh_keygen() 28 { 29 if [ "$#" -ne "2" ]; then 30 echo "expect_ssh_keygen <localUserhome> <timeout>"; 31 exit 1; 32 fi 33 local localUserhome=$1; 34 local timeout=$2; 35 if [ -f ${localUserhome}/.ssh/id_rsa.pub -a -f ${localUserhome}/.ssh/id_rsa ] ; then 36 echo "$(remoteHostname) is already create id_rsa.pub and id_rsa" 37 else 38 echo "$(remoteHostname) is not set id_rsa.pub and id_rsa.pub" 39 expect -c " 40 set timeout $timeout 41 spawn ssh-keygen 42 expect { 43 \"*save the key*id_rsa*\" {send \"\r\"; exp_continue } 44 \"*verwrite*y/n*\" { send \"y\r\"; exp_continue } 45 \"*passphrase*passphrase*\" { send \"\r\"; exp_continue } 46 \"*same passphrase*\" {send \"\r\" } 47 } 48 expect eof 49 exit 0 50 " 51 if [ "$?" -eq "0" ] ; then 52 echo "create id_rsa.pub,id_rsa successfully" 53 else 54 echo "create id_rsa.pub,id_rsa faild" 55 fi 56 fi 57 58 } 59 configure_trust_relation() 60 { 61 if [ "$#" -ne "5" ]; then 62 echo "configure_trust_relation <remoteUser> <remoteHostname> <password> <localUserhome> <timeout>"; 63 exit 1; 64 fi 65 local remoteUser=$1 66 local remoteHostname=$2 67 local password=$3 68 local localUserhome=$4 69 local timeout=$5 70 71 expect -c " 72 73 set timeout $timeout 74 set trust true 75 76 # 77 # checking remote machine is be trusted 78 # if trust, return 0 79 # if not trust, return 1 80 # 81 spawn ssh $remoteUser@$remoteHostname 82 83 expect { 84 \"*yes/no\" { send \"yes\r\" ; exp_continue } 85 \"*assword:\" { send \"$password\r\" ; set trust false } 86 } 87 88 expect { *\$* } 89 90 send \"exit\r\" 91 sleep 1 92 if { \"\$trust\" == \"false\"} { 93 expect eof 94 exit 1 95 } 96 expect eof 97 exit 0 98 " 99 if [ "$?" -ne "0" ] ; then 100 echo "machine is not be trusted, then exec ssh-copy-id to remote machine" 101 expect_ssh_keygen $localUserhome $timeout 102 expect_ssh_copy_id $remoteUser $remoteHostname $password $localUserhome $timeout 103 else 104 echo "remote machine is be trusted" 105 fi 106 } 107 108 main() 109 { 110 which expect 111 if [ "$?" -ne "0" ]; then 112 echo "expect is not exists" 113 exit 1; 114 fi 115 remoteUser=chen; 116 remoteHostname=localhost; 117 password=chen; 118 localUserhome=$(cd ~;pwd;); 119 timeout=5; 120 121 configure_trust_relation $remoteUser $remoteHostname $password $localUserhome $timeout 122 127 } 128 129 main
expect实现配置机器信任关系,布布扣,bubuko.com
原文:http://www.cnblogs.com/chenfool/p/3762537.html