shell__ BuildTrust - wxl1989beyond/wxl GitHub Wiki

#!/bin/bash

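#######################################
# Create an RSA key pair for the local account named by $userid, unless a
# public key is already present.
# Globals:   userid (read), userhome (read), logfile (appended to)
# Arguments: none
# Outputs:   an error line on stdout when key generation fails
# Returns:   0 if a public key exists or was created, 1 otherwise
#######################################
genRsaKeys()
{
  # Check the directory buildTrust later copies the key from
  # ($userhome/.ssh). The original tested /root/.ssh unconditionally, which
  # is only right when $userid is root; /root stays the fallback when
  # $userhome is unset.
  local keydir="${userhome:-/root}/.ssh"
  if [ -f "$keydir/id_rsa.pub" ]; then
    return 0
  fi

  # ssh-keygen asks three "Enter ..." questions (key file, passphrase,
  # passphrase again); a bare Enter accepts the default path and an empty
  # passphrase.
  # NOTE(review): the resulting private key is unencrypted on disk, so
  # anyone who can read it can log in wherever the public key is trusted.
  #
  # The account name reaches Tcl through the environment ($env(...)) rather
  # than being pasted into the script text, so an odd value in config.txt
  # cannot be evaluated as Tcl. The final two lines hand su's exit status
  # back to the shell; without them expect exits 0 even when su fails.
  if ! BT_USER=$userid expect -c '
spawn su - $env(BT_USER) -c "ssh-keygen -t rsa"
expect Enter*:
send \r
expect Enter*:
send \r
expect Enter*:
send \r
expect eof
catch wait result
exit [lindex $result 3]' >>"$logfile" 2>&1; then
    echo "make local rsa key pair failed."
    return 1
  fi

  return 0
}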

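#######################################
# Set up key-based SSH trust in both directions between this host and one
# remote host, logging in with a password for the first two steps.
# Globals:   userhome (read), userpass (read), logfile (appended to)
# Arguments: $1 - address of the remote host
# Outputs:   one status line on stdout
# Returns:   0 on success
#            1 address belongs to this host (skipped)
#            2 host does not answer ping
#            3 could not create the remote .ssh directory
#            4 could not copy the local public key to the remote host
#            5 could not remove the remote host's old key pair
#            6 could not generate a key pair on the remote host
#            7 could not fetch the remote public key
# NOTE(review): $userhome is looked up in the local /etc/passwd but is also
# used as the remote path - presumably both hosts use the same home layout.
#######################################
buildTrust()
{
  local ipaddr=$1
  local pubkey="$userhome/.ssh/id_rsa.pub"
  local peerkey="$userhome/.ssh/id_rsa.$ipaddr"

  # filter local ip; -F keeps the dots literal so 10.0.0.1 cannot match
  # some other token such as 10a0b0c1
  if ifconfig -a | grep -qwF -- "$ipaddr"; then
    echo "buildTrust() | Skip to deal the local hosts"
    return 1
  fi

  if ! ping -c 1 "$ipaddr" >/dev/null; then
    echo "$ipaddr is not alive, please check. Skip it for now."
    return 2
  fi

  # Host, path and password are handed to Tcl through the environment
  # ($env(...)). Interpolating them into the script text would (a) expose
  # the password in expect's command line, visible to every local user via
  # ps, and (b) let Tcl metacharacters in a password be evaluated as code.
  # "exp_internal 1" is left out because its diagnostics include every
  # string sent, i.e. the password would be written to $logfile.
  # "catch wait / exit" returns ssh's own exit status; without it expect
  # exits 0 whether or not the login worked.
  #
  # NOTE(review): StrictHostKeyChecking=no accepts whatever host key is
  # presented, so the password is sent to an unverified peer. On networks
  # that are not fully trusted, pre-populate known_hosts or check the
  # fingerprint out of band before running this.
  if ! BT_HOST=$ipaddr BT_HOME=$userhome BT_PASS=$userpass expect -c '
spawn ssh -o StrictHostKeyChecking=no $env(BT_HOST) "mkdir -p $env(BT_HOME)/.ssh"
expect {
  -nocase "password:" { send -- "$env(BT_PASS)\r"; exp_continue }
  timeout { exit 1 }
  eof
}
catch wait result
exit [lindex $result 3]' >>"$logfile" 2>&1; then
    echo "make remote .ssh dir for $ipaddr failed."
    return 3
  fi

  # NOTE(review): this replaces the remote authorized_keys outright, so any
  # keys that were already trusted on the remote account are dropped.
  if ! BT_HOST=$ipaddr BT_HOME=$userhome BT_PASS=$userpass BT_SRC=$pubkey expect -c '
spawn scp $env(BT_SRC) "$env(BT_HOST):$env(BT_HOME)/.ssh/authorized_keys"
expect {
  -nocase "password:" { send -- "$env(BT_PASS)\r"; exp_continue }
  timeout { exit 1 }
  eof
}
catch wait result
exit [lindex $result 3]' >>"$logfile" 2>&1; then
    echo "failed to transfer pub key to $ipaddr."
    return 4
  fi

  # From here on the key installed above authenticates us; no password.
  # NOTE(review): this deletes the remote account's existing key pair.
  if ! ssh "$ipaddr" "rm -f $userhome/.ssh/id_rsa*" >>"$logfile" 2>&1; then
    echo "failed to remove old pub key of $ipaddr."
    return 5
  fi

  # Runs expect on the remote host (it must be installed there) to answer
  # ssh-keygen's three prompts with Enter: default path, empty passphrase.
  if ! ssh "$ipaddr" 'expect -c "
spawn ssh-keygen -t rsa
expect Enter*:
send \r
expect Enter*:
send \r
expect Enter*:
send \r
expect eof"' >>"$logfile" 2>&1; then
    echo "failed to generate pub key of $ipaddr."
    return 6
  fi

  if ! scp "$ipaddr:$userhome/.ssh/id_rsa.pub" "$peerkey" >>"$logfile" 2>&1; then
    echo "failed to transfer pub key of $ipaddr to local."
    return 7
  fi

  # Trust the remote host's new key locally. Each run appends a fresh key;
  # entries from earlier runs are not pruned.
  cat -- "$peerkey" >>"$userhome/.ssh/authorized_keys"
  echo "trust relationship has been built for $ipaddr ."
  return 0
}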

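######################################MAIN#################################
# Machine info is read from config.txt in the current directory.
# One record per line, fields separated by whitespace: ip username password
# For example:
#   10.0.0.1 root password_1
#   10.0.0.2 root password_2
# A line whose first character is '#' is a comment and is skipped:
#   #10.0.0.3 root password_3
# When the password field is omitted, the username is used as the password.
#
# NOTE: config.txt holds plaintext passwords. Keep it readable by its owner
# only (chmod 600) and remove it once trust has been set up.
###########################################################################
CONFIG_FILE=$(pwd)/config.txt
if [ ! -f "$CONFIG_FILE" ]; then
  echo "please add config.txt in your dir[$(pwd)]"
  exit 1
fi

#define logfile
logfile=$(pwd)/buildTrust.log
# The log collects ssh/scp/expect output; keep it private to the caller.
( umask 077; : >>"$logfile" ) && chmod 600 -- "$logfile"

# Read the config on fd 3 so ssh/scp/expect, which read stdin, cannot
# swallow the remaining records. The "|| [ -n ... ]" keeps a last line that
# has no trailing newline.
while IFS= read -r -u 3 line || [ -n "$line" ]; do
  case $line in
    '#'*) continue ;;
  esac

  # Split on whitespace without glob expansion. All three variables are
  # reassigned on every record, so a short line can never inherit the
  # previous host's user or password. Fields past the third are ignored.
  read -r IP userid userpass _ <<<"$line"

  if [ -z "$userid" ]; then
    echo "the line elements has less than 2"
    continue
  fi

  # NOTE(review): a password equal to the username is trivially guessable;
  # this default is kept only because the record format allows omitting it.
  if [ -z "$userpass" ]; then
    userpass=$userid
  fi

  # Exact match on the login-name field; a regex on the whole passwd line
  # would also hit other accounts whose entry merely contains the name.
  userhome=$(awk -F ':' -v user="$userid" '$1 == user {print $6}' /etc/passwd)
  if [ -z "$userhome" ]; then
    echo "no home directory found for $userid in /etc/passwd"
    continue
  fi

  # The password is deliberately not printed.
  echo "start to config $IP, $userid"

  genRsaKeys
  ret=$?
  if [ "$ret" != 0 ]; then
    echo "genRsaKeys error[$ret]"
    continue
  fi

  #start config
  buildTrust "$IP"
  ret=$?
  if [ "$ret" != 0 ]; then
    echo "buildTrust error[$ret]"
    continue
  fi
done 3<"$CONFIG_FILE"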
