使用Shell脚本提供密码

Question

我已经为无密码登录设置了我的客户端&服务器。 通过将服务器的RSA密钥复制到所有客户端的/root/.ssh/id-rsa.pub，与无密码登录一样。但是，这是我手动完成的。我喜欢使用shell脚本自动执行此过程，并通过脚本向机器提供密码。 如果这个问题解决了，那么我也想使用rsync来自动化推送项目到所有服务器。 任何机构都可以在这方面帮助我。

谢谢

Answer 1

此脚本附带Debian（和衍生产品）机器来分配密钥。它被称为ssh-copy-id。你会这样使用它：

ssh-copy-id [-i identity_file] [user@]machine 

然后你会输入密码，复制完成。你只会这样做一次，然后像往常一样使用rsync over ssh。

#!/bin/sh 

# Shell script to install your identity.pub on a remote machine 
# Takes the remote machine name as an argument. 
# Obviously, the remote machine must accept password authentication, 
# or one of the other keys in your ssh-agent, for this to work. 

ID_FILE="${HOME}/.ssh/identity.pub" 

if [ "-i" = "$1" ]; then 
    shift 
    # check if we have 2 parameters left, if so the first is the new ID file 
    if [ -n "$2" ]; then 
    if expr "$1" : ".*\.pub" ; then 
     ID_FILE="$1" 
    else 
     ID_FILE="$1.pub" 
    fi 
    shift   # and this should leave $1 as the target name 
    fi 
else 
    if [ x$SSH_AUTH_SOCK != x ] ; then 
    GET_ID="$GET_ID ssh-add -L" 
    fi 
fi 

if [ -z "`eval $GET_ID`" ] && [ -r "${ID_FILE}" ] ; then 
    GET_ID="cat ${ID_FILE}" 
fi 

if [ -z "`eval $GET_ID`" ]; then 
    echo "$0: ERROR: No identities found" >&2 
    exit 1 
fi 

if [ "$#" -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then 
    echo "Usage: $0 [-i [identity_file]] [user@]machine" >&2 
    exit 1 
fi 

{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1 

cat <<EOF 
Now try logging into the machine, with "ssh '$1'", and check in: 

    .ssh/authorized_keys 

to make sure we haven't added extra keys that you weren't expecting. 

EOF 

Answer 2

如果需要推送更新/网络中的变化到多台计算机，那么你可能要考虑在寻找的东西像Puppet，正常渠道之外的工作。

Answer 3

当.ssh/authorized_keys方法不可用时，您可以使用expect来登录远程机器。例如：

#!/usr/bin/expect 

spawn ssh user@remote-host 
expect "*password: $" 
send "YOUR PASSWORD HERE\n" 
send "bash\n" 
interact