expect实现配置机器信任关系-白红宇

expect实现配置机器信任关系

阅读量：5240 次

发布时间：2019-06-14

本文共 2998 字，大约阅读时间需要 9 分钟。

利用expect的交互功能，自动配置信任机器之间的信任关系。

代码里会判断机器是否生成了秘钥，如果没有生成过，则自动帮助你执行 ssh-keygen

1 #!/bin/sh  2   3 expect_ssh_copy_id()  4 {  5   if [ "$#" -ne "5" ]; then  6      echo "expect_ssh_copy_id 
      
       
        
         
         
          ";  7      exit 1;  8   fi  9   local remoteUser=$1 10   local remoteHostname=$2 11   local password=$3 12   local localUserhome=$4 13   local timeout=$5 14    15   expect -c " 16     set timeout $timeout  17     spawn ssh-copy-id -i $localUserhome/.ssh/id_rsa.pub $remoteUser@$remoteHostname 18     expect { 19       \"*yes/no\" { send \"yes\r\"; exp_continue } 20       \"*assword:\" { send \"$password\r\" } 21     }  22     expect eof 23   " 24  25 } 26  27 expect_ssh_keygen() 28 { 29   if [ "$#" -ne "2" ]; then 30      echo "expect_ssh_keygen 
           
           
            "; 31 exit 1; 32 fi 33 local localUserhome=$1; 34 local timeout=$2; 35 if [ -f ${localUserhome}/.ssh/id_rsa.pub -a -f ${localUserhome}/.ssh/id_rsa ] ; then 36 echo "$(remoteHostname) is already create id_rsa.pub and id_rsa" 37 else 38 echo "$(remoteHostname) is not set id_rsa.pub and id_rsa.pub" 39 expect -c " 40 set timeout $timeout 41 spawn ssh-keygen 42 expect { 43 \"*save the key*id_rsa*\" {send \"\r\"; exp_continue } 44 \"*verwrite*y/n*\" { send \"y\r\"; exp_continue } 45 \"*passphrase*passphrase*\" { send \"\r\"; exp_continue } 46 \"*same passphrase*\" {send \"\r\" } 47 } 48 expect eof 49 exit 0 50 " 51 if [ "$?" -eq "0" ] ; then 52 echo "create id_rsa.pub,id_rsa successfully" 53 else 54 echo "create id_rsa.pub,id_rsa faild" 55 fi 56 fi 57 58 } 59 configure_trust_relation() 60 { 61 if [ "$#" -ne "5" ]; then 62 echo "configure_trust_relation 
             
              
               
                
                
                 "; 63 exit 1; 64 fi 65 local remoteUser=$1 66 local remoteHostname=$2 67 local password=$3 68 local localUserhome=$4 69 local timeout=$5 70 71 expect -c " 72 73 set timeout $timeout 74 set trust true 75 76 # 77 # checking remote machine is be trusted 78 # if trust, return 0 79 # if not trust, return 1 80 # 81 spawn ssh $remoteUser@$remoteHostname 82 83 expect { 84 \"*yes/no\" { send \"yes\r\" ; exp_continue } 85 \"*assword:\" { send \"$password\r\" ; set trust false } 86 } 87 88 expect { *\$* } 89 90 send \"exit\r\" 91 sleep 1 92 if { \"\$trust\" == \"false\"} { 93 expect eof 94 exit 1 95 } 96 expect eof 97 exit 0 98 " 99 if [ "$?" -ne "0" ] ; then100 echo "machine is not be trusted, then exec ssh-copy-id to remote machine"101 expect_ssh_keygen $localUserhome $timeout102 expect_ssh_copy_id $remoteUser $remoteHostname $password $localUserhome $timeout103 else104 echo "remote machine is be trusted"105 fi106 }107 108 main()109 {110 which expect111 if [ "$?" -ne "0" ]; then112 echo "expect is not exists"113 exit 1;114 fi115 remoteUser=chen;116 remoteHostname=localhost;117 password=chen;118 localUserhome=$(cd ~;pwd;);119 timeout=5;120 121 configure_trust_relation $remoteUser $remoteHostname $password $localUserhome $timeout122 127 }128 129 main