
expect实现配置机器信任关系

利用 expect 的交互功能,自动配置机器之间的 SSH 信任关系(免密码登录)。

代码会先判断本机是否已经生成密钥,如果没有生成过,则自动帮你执行 ssh-keygen。需要注意:脚本生成的私钥不带口令,对首次连接的主机指纹会自动回答 yes,示例中的远程密码也是以明文写在脚本里的。

  1 #!/bin/sh
  2 
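  # expect_ssh_copy_id <remoteUser> <remoteHostname> <password> <localUserhome> <timeout>
  #
  # Installs <localUserhome>/.ssh/id_rsa.pub on <remoteUser>@<remoteHostname> by
  # driving ssh-copy-id through expect and answering its password prompt.
  #
  # Arguments: $1 remote user, $2 remote host, $3 remote password,
  #            $4 local home directory, $5 expect timeout in seconds
  # Returns:   the exit status of expect; exits 1 on a wrong argument count.
  #
  # The values reach the Tcl script through environment variables instead of
  # being pasted into the script text. That keeps the password out of the
  # argument list of the expect process (visible in ps output) and stops
  # characters such as ", [, $ or \ in any argument from being interpreted as
  # Tcl syntax.
  expect_ssh_copy_id()
  {
    if [ "$#" -ne 5 ]; then
      echo "expect_ssh_copy_id <remoteUser> <remoteHostname> <password> <localUserhome> <timeout>" >&2
      exit 1
    fi
    local remoteUser=$1
    local remoteHostname=$2
    local password=$3
    local localUserhome=$4
    local timeout=$5

    # NOTE(review): the "yes" answer below accepts whatever host key the remote
    # end presents on first contact. Where the fingerprint can be verified out
    # of band, pre-populate known_hosts and drop that branch.
    EXPECT_SSH_TIMEOUT="$timeout" \
      EXPECT_SSH_PUBKEY="$localUserhome/.ssh/id_rsa.pub" \
      EXPECT_SSH_TARGET="$remoteUser@$remoteHostname" \
      EXPECT_SSH_PASSWORD="$password" \
      expect -c '
        set timeout $env(EXPECT_SSH_TIMEOUT)
        set password $env(EXPECT_SSH_PASSWORD)
        # Drop the secret from the environment before any child is spawned.
        unset env(EXPECT_SSH_PASSWORD)
        spawn ssh-copy-id -i $env(EXPECT_SSH_PUBKEY) $env(EXPECT_SSH_TARGET)
        expect {
          "*yes/no" { send "yes\r"; exp_continue }
          "*assword:" { send -- "$password\r" }
        }
        expect eof
      '
  }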
 26 
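 # expect_ssh_keygen <localUserhome> <timeout>
 #
 # Makes sure <localUserhome>/.ssh holds an RSA key pair (id_rsa, id_rsa.pub)
 # and generates one when neither file exists.
 #
 # Arguments: $1 local home directory
 #            $2 timeout; still required so existing callers keep working, but
 #               unused because ssh-keygen is now run non-interactively
 # Outputs:   progress messages on stdout, failures on stderr
 # Returns:   0 when the pair exists or was created, 1 otherwise;
 #            exits 1 on a wrong argument count.
 #
 # Changes against the earlier expect-driven version:
 #  - the messages used $(remoteHostname), which runs a command of that name
 #    instead of printing anything useful; they now name the key directory;
 #  - key type and path are passed explicitly, so the result no longer depends
 #    on the ssh-keygen default key type or on matching its prompts;
 #  - a half-present pair is reported instead of answering "y" to the
 #    overwrite prompt, which would replace a private key that other hosts
 #    may already trust;
 #  - the real ssh-keygen exit status decides success or failure.
 expect_ssh_keygen()
 {
   if [ "$#" -ne 2 ]; then
     echo "expect_ssh_keygen <localUserhome> <timeout>" >&2
     exit 1
   fi
   local localUserhome=$1
   local sshDir=$localUserhome/.ssh
   local privateKey=$sshDir/id_rsa
   local publicKey=$privateKey.pub

   if [ -f "$privateKey" ] && [ -f "$publicKey" ]; then
     echo "$sshDir already has id_rsa.pub and id_rsa"
     return 0
   fi

   if [ -e "$privateKey" ] || [ -e "$publicKey" ]; then
     echo "$sshDir holds only one half of the id_rsa key pair; refusing to overwrite it" >&2
     return 1
   fi

   echo "$sshDir has no id_rsa.pub and id_rsa"

   # The directory must not be readable by other users; create it under a
   # restrictive umask inside a subshell so the caller's umask is untouched.
   ( umask 077 && mkdir -p -- "$sshDir" ) || return 1

   # NOTE(review): -N '' writes the private key without a passphrase, as the
   # earlier version did by sending an empty answer. Anyone able to read the
   # file can log in wherever the key is trusted; protect it with file
   # permissions or use a passphrase plus ssh-agent.
   # RSA is kept because the rest of the script looks for id_rsa/id_rsa.pub.
   if ssh-keygen -q -t rsa -N '' -f "$privateKey" </dev/null; then
     echo "create id_rsa.pub,id_rsa successfully"
   else
     echo "create id_rsa.pub,id_rsa failed" >&2
     return 1
   fi
 }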
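 # configure_trust_relation <remoteUser> <remoteHostname> <password> <localUserhome> <timeout>
 #
 # Checks whether <remoteUser>@<remoteHostname> already accepts key-based
 # login and, if it does not, creates a local key pair (expect_ssh_keygen) and
 # installs the public key remotely (expect_ssh_copy_id).
 #
 # Arguments: $1 remote user, $2 remote host, $3 remote password,
 #            $4 local home directory, $5 timeout in seconds
 # Returns:   0 when the host is already trusted, otherwise the status of the
 #            key setup steps; exits 1 on a wrong argument count.
 #
 # The trust check runs ssh in BatchMode, which fails instead of prompting
 # when no key is accepted. The earlier version logged in with the password
 # through an expect script to find that out, which put the password into the
 # script text passed on the expect command line and broke on passwords
 # containing Tcl metacharacters. Here the password is only handed on to
 # expect_ssh_copy_id, and only when the key really has to be installed.
 configure_trust_relation()
 {
   if [ "$#" -ne 5 ]; then
     echo "configure_trust_relation <remoteUser> <remoteHostname> <password> <localUserhome> <timeout>" >&2
     exit 1
   fi
   local remoteUser=$1
   local remoteHostname=$2
   local password=$3
   local localUserhome=$4
   local timeout=$5

   # stdin comes from /dev/null so the probe cannot swallow the caller's input.
   # An unknown host key also makes the probe fail in BatchMode, so such a
   # host is treated as not yet trusted.
   if ssh -o BatchMode=yes -o ConnectTimeout="$timeout" \
       "$remoteUser@$remoteHostname" true </dev/null; then
     echo "remote machine is be trusted"
     return 0
   fi

   echo "machine is not be trusted, then exec ssh-copy-id to remote machine"
   # Arguments are quoted so that a password containing spaces or glob
   # characters still arrives as one argument.
   expect_ssh_keygen "$localUserhome" "$timeout" || return
   expect_ssh_copy_id "$remoteUser" "$remoteHostname" "$password" "$localUserhome" "$timeout"
 }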
107 
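# main
#
# Entry point: verifies that expect is installed, then sets up the trust
# relation for one remote account.
#
# Environment (all optional; the defaults are the sample values of the
# original listing):
#   TRUST_REMOTE_USER, TRUST_REMOTE_HOST, TRUST_REMOTE_PASSWORD, TRUST_TIMEOUT
#
# NOTE(review): the built-in password is a sample value. A real password
# should be supplied through TRUST_REMOTE_PASSWORD (or another source that
# stays out of the script and out of version control), not edited in here.
main()
{
  # command -v is the portable way to test for a program; which is not
  # guaranteed to exist or to set a useful exit status.
  if ! command -v expect >/dev/null 2>&1; then
    echo "expect is not exists" >&2
    exit 1
  fi

  local remoteUser=${TRUST_REMOTE_USER:-chen}
  local remoteHostname=${TRUST_REMOTE_HOST:-localhost}
  local password=${TRUST_REMOTE_PASSWORD:-chen}
  local timeout=${TRUST_TIMEOUT:-5}
  # Declared separately so a failing cd is not masked by the local builtin.
  local localUserhome
  localUserhome=$(cd ~ && pwd) || exit 1

  configure_trust_relation "$remoteUser" "$remoteHostname" "$password" "$localUserhome" "$timeout"
}

main "$@"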