expect 批量自動部署ssh 免密登錄 之 三

#!/bin/expect --
########################################## zhichao.hu
#Push the id.pas.pub public key to the target server through the SSH service to implement secret-free login.
#Define an iplist Create an iplist file in the current directory. The content format is: User Password IPaddress Port
#parameter: 1.user
#           2.password
#           3.ip
#           4.Por
##########################################
if {[file isfile /root/.ssh/id_rsa.pub]} {
    puts "/root/.ssh/id_rsa.pub file exists"
    set ip_file [open ./iplist r]
    while {[gets $ip_file line] >= 0} {
        set user       [lindex $line 0]
        set password   [lindex $line 1]
        set ip         [lindex $line 2]
        set port       [lindex $line 3]
        spawn ping ${ip} -w 2
        expect {
             -nocase -re "100% packet loss" {
              send_error "Ping ${ip} is unreachable, Please check the IP address.\n"
              exit 1
             }
            }
        spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $user@$ip
        expect {
                    #first connect, no public key in ~/.ssh/known_hosts
                       "Are you sure you want to continue connecting (yes/no)?" {
                          send "yes\r"
                        expect "password:"
                        send "$password\r"
                    }
                    #already has public key in ~/.ssh/known_hosts
                        "password:" {
                        send "$password\r"
                            }
                     "Now try logging into the machine" {
                     #it has authorized, do nothing!
                            }
            }
            expect eof
        puts "User: $user,\tPassword: xxxx,\tIP: $ip,\tPort: $port\n"
    }
    close $ip_file    
    exit 0
} elseif {[file isfile /root/.ssh/id_rsa]} {
    puts "/root/.ssh/id_rsa file exists\t\nFile not found in /root/.ssh/id_rsa.pub"
    exit 2
} else {
    puts "Create an rsa key pair..............................."
}


spawn ssh-keygen -t rsa
expect {
    "*file in which to save the key*" {
        send "\n\r"
        send_user "/root/.ssh\r"
        exp_continue
    "*Overwrite (y/n)*"{
        send "n\n\r"
    }
    }
    "*Enter passphrase*" {
        send "\n\r"
        exp_continue
    }
    "*Enter same passphrase again*" {
        send "\n\r"
        exp_continue
    }
}
set ip_file [open ./iplist r]
while {[gets $ip_file line] >= 0} {
    set user       [lindex $line 0]
    set password   [lindex $line 1]
    set ip          [lindex $line 2]
    set port        [lindex $line 3]
    spawn ping ${ip} -w 2
    expect {
         -nocase -re "100% packet loss" {
          send_error "Ping ${ip} is unreachable, Please check the IP address.\n"
          exit 1
         }
        }
    spawn ssh-copy-id -i /root/.ssh/id_rsa.pub $user@$ip
    expect {
            #first connect, no public key in ~/.ssh/known_hosts
            "Are you sure you want to continue connecting (yes/no)?" {
            send "yes\r"
            expect "password:"
            send "$password\r"
            }
            #already has public key in ~/.ssh/known_hosts
            "password:" {
            send "$password\r"
            }
        }
    puts "User: $user,\tPassword: xxxx,\tIP: $ip,\tPort: $port\n"
}
close $ip_file

expect eof
相關文章
相關標籤/搜索