Linux记录-ssh批量双向无密码登录

1. 批量ssh无密码登录

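#!/bin/bash
# Bootstrap script: prepares the hosts in iplist and wires up mutual key-based
# SSH login for the "app" account. It must run as root on the control host,
# because it writes /etc/sudoers.d/app locally before distributing it.
#
# -e aborts on the first failing command, -u rejects unset variables and
# pipefail makes a pipeline fail when any stage fails.
set -euo pipefail

# Connection settings shared by every function below.
user=root
# Placeholder root password. A real value stored here is readable by anyone
# who can read this file, so keep the script mode 0700 and rotate or disable
# password login once key-based access is in place.
password=xxx
ssh_port=22
iplist=(10.0.0.1 10.0.0.2 10.0.0.3)

# Sudo policy for "app". This file is installed on the control host as well as
# on every target (env_init copies it out).
# NOTE(review): the NOPASSWD rule gives "app" passwordless root, and
# "Defaults !env_reset" is not scoped to "app" -- it switches off sudo's
# environment reset for every user on the machine. Confirm both are intended.
# '>' (not '>>') keeps re-runs from appending duplicate rules, and the quoted
# delimiter guarantees the policy text is written literally.
cat > /etc/sudoers.d/app << 'EOF'
   app ALL=(ALL) ALL
   app ALL=(ALL) NOPASSWD: ALL
   Defaults !env_reset
EOF
# Conventional mode for sudoers drop-ins, then a syntax check so a broken file
# stops the run (set -e) before it is copied to other hosts.
chmod 0440 /etc/sudoers.d/app
visudo -cf /etc/sudoers.d/app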

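#######################################
# Prepare every host in iplist: create the apps group and app user, set up
# /usr/app, adjust SELinux/firewalld/nofile limits, install build packages
# and install the sudoers drop-in for "app".
# Globals:   iplist, user, password, ssh_port (read)
# Arguments: none
# Returns:   non-zero (script aborts under set -e) if an ssh/scp call fails
#######################################
env_init(){
  local ip
  for ip in "${iplist[@]}"; do
    # The password is handed to sshpass through the SSHPASS environment
    # variable (-e) instead of -p, so it does not show up in the process list.
    # sshpass only answers the password prompt; the target's host key has to
    # be known and verified beforehand.
    #
    # NOTE(review): the remote script switches SELinux to disabled and stops
    # firewalld on every host. That removes two host-level controls; confirm
    # the environment compensates (network ACLs, security groups) before use.
    #
    # Fixes against the original listing: "buseradd" -> useradd, and the sed
    # expression had stray backslashes (\^ and \*) that made it match nothing.
    # The address is anchored on "SELINUX=" so SELINUXTYPE= is left alone.
    # The delimiter is quoted so nothing in the remote script expands locally.
    SSHPASS="$password" sshpass -e ssh -p "$ssh_port" "$user@$ip" << 'eeooff'
   groupadd -g 6000 apps
   useradd -s /bin/bash -G apps -m app
   mkdir -p /usr/app
   chown -R app:apps /usr/app
   sed -i '/^SELINUX=/s/=.*/=disabled/' /etc/selinux/config
   setenforce 0
   systemctl disable firewalld.service
   systemctl stop firewalld.service
   systemctl status firewalld.service
   echo '* soft nofile 65536' >> /etc/security/limits.conf
   echo '* hard nofile 65536' >> /etc/security/limits.conf
   yum -y install sshpass gcc gcc-c++ make openssl-devel supervisor gmp-devel mpfr-devel libmpc-devel libaio numactl autoconf automake libtool libffi-devel snappy snappy-devel zlib zlib-devel bzip2 bzip2-devel lz4-devel libasan lsof lz4 lz4-devel
eeooff
    # Push the sudo policy and give it the conventional 0440 mode; scp would
    # otherwise create it with the remote umask.
    SSHPASS="$password" sshpass -e scp -P "$ssh_port" /etc/sudoers.d/app "$user@$ip:/etc/sudoers.d/app"
    SSHPASS="$password" sshpass -e ssh -p "$ssh_port" "$user@$ip" 'chmod 0440 /etc/sudoers.d/app'
  done
}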
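#######################################
# On every host in iplist, create an RSA key pair for "app" (if none exists)
# and reset /home/app/.ssh/authorized_keys to contain only that host's own
# public key.
# Globals:   iplist, user, password, ssh_port (read)
# Arguments: none
# Returns:   non-zero (script aborts under set -e) if an ssh call fails
#######################################
ssh_init(){
  local ip
  for ip in "${iplist[@]}"; do
    # The original appended ";/bin/bash> /dev/null 2>&1" to the keygen
    # command. That shell inherited the ssh session's stdin, i.e. the rest of
    # this script, and would run the remaining lines as "app" with all output
    # discarded. It is dropped here, and su reads from /dev/null so nothing it
    # starts can consume the script stream.
    # Key generation is skipped when a key already exists, so a re-run neither
    # hits the overwrite prompt nor invalidates keys that were distributed.
    # The key has an empty passphrase: anyone who can read id_rsa can log in
    # as "app" on every host in the list.
    # authorized_keys is truncated on purpose; any keys added by hand are lost.
    SSHPASS="$password" sshpass -e ssh -p "$ssh_port" "$user@$ip" << 'eeooff'
   su app -c "test -f /home/app/.ssh/id_rsa || /usr/bin/ssh-keygen -q -t rsa -f /home/app/.ssh/id_rsa -P ''" < /dev/null
   su -c "echo>/home/app/.ssh/authorized_keys" app
   su -c "cat /home/app/.ssh/id_rsa.pub >> /home/app/.ssh/authorized_keys" app
   su -c "chmod 600 /home/app/.ssh/authorized_keys" app
eeooff
  done
}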

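#######################################
# Forward pass: copy authorized_keys from each host to the next one in
# iplist and append the receiving host's own public key, so the last host
# ends up holding the keys of every host.
# Globals:   iplist, user, password, ssh_port (read)
# Arguments: none
# Returns:   non-zero (script aborts under set -e) if an ssh/scp call fails
#######################################
ssh_cp(){
  # The original looped over every index and called "exit -1" once it reached
  # the last host, which ended the whole script before ssh_scp could run.
  # The loop now simply stops one short of the last index.
  local i
  local last=$(( ${#iplist[@]} - 1 ))
  for (( i = 0; i < last; i++ )); do
    # NOTE(review): this is a remote-to-remote scp. Whether the second hop is
    # authenticated from this machine or from the source host depends on the
    # local scp version -- verify it works with password login in your setup.
    SSHPASS="$password" sshpass -e scp -P "$ssh_port" \
      "$user@${iplist[i]}:/home/app/.ssh/authorized_keys" \
      "$user@${iplist[i+1]}:/home/app/.ssh/authorized_keys"
    # "app:" is the current spelling of the deprecated "app." form: owner app,
    # group set to app's login group.
    SSHPASS="$password" sshpass -e ssh -p "$ssh_port" "$user@${iplist[i+1]}" << 'eeooff'
      chown -R app: /home/app
      cat /home/app/.ssh/id_rsa.pub >> /home/app/.ssh/authorized_keys
eeooff
  done
}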

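#######################################
# Backward pass: copy authorized_keys from each host to the previous one in
# iplist, starting at the last host, so every host receives the file held by
# the last host.
# Globals:   iplist, user, password, ssh_port (read)
# Arguments: none
# Returns:   non-zero (script aborts under set -e) if an scp call fails
#######################################
ssh_scp(){
  # The original loop had no end condition and left through "exit -1" at
  # index 0, so the script always finished with a failure status. The bound
  # is now part of the loop header and the function returns normally.
  local i
  for (( i = ${#iplist[@]} - 1; i > 0; i-- )); do
    # Password goes through SSHPASS (-e) rather than -p to keep it out of the
    # process list.
    SSHPASS="$password" sshpass -e scp -P "$ssh_port" \
      "$user@${iplist[i]}:/home/app/.ssh/authorized_keys" \
      "$user@${iplist[i-1]}:/home/app/.ssh/authorized_keys"
  done
}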
# Run the phases in their fixed order: host preparation, per-host key
# generation, forward key collection, backward key distribution.
for phase in env_init ssh_init ssh_cp ssh_scp; do
  "$phase"
done

 
