① 如何自動輸入密碼ssh連接到其他機器
主要的解決方法有三種:
1. 生成ssh公鑰,建立和對方機器的信任關系;
2. 使用expect腳本;
3. 使用sshpass。
這里介紹一下sshpass相關內容
下載並安裝sshpass):
# tar zxvf sshpass-xxxx.tar.gz
# cd sshpass-xxxx
# ./configure
# make && make install
基本用法:sshpass -p [密碼] ssh [user]@[host]
免去第一次登錄機器時的確認提示(Are you sure you want to continue connecting (yes/no)):
sshpass -p [密碼] ssh [user]@[host] -o StrictHostKeyChecking=no
後面也可以跟上其他ssh命令,如scp等
例1,公司的一個環境,大部分機器的login密碼是"1root",少部分是"123qwe",新建一個hssh.sh文件,按如下修改,到/usr/bin/目錄下。
[cpp] view plain
#!/bin/sh
#_main_
temp_file=/tmp/hssh.1
ip=192.168.$1
case "$1" in
"204.188"|"207.31"|"205.199") password="123qwe";;
*) password="1root"
esac
sshpass -p $password ssh root@$ip -o StrictHostKeyChecking=no 2>$temp_file
if [ $? != 0 ];then
#for some reason,machine had reinstall, we need to delete that IP address in known_hosts file before ssh it.
grep -q "REMOTE HOST IDENTIFICATION HAS CHANGED" $temp_file
if [ $? = 0 ];then
key_file=`grep "Offending key in" $temp_file | cut -d' ' -f 4 | cut -d ':' -f1 2>/dev/null`
cat $key_file | grep -v "$ip" > $temp_file
sudo cp -v $temp_file $key_file
sshpass -p $password ssh root@$ip -o StrictHostKeyChecking=no 2>$temp_file
fi
fi
那麼我們每次只要輸入hssh XXX.XXX 等就可以ssh到對應機器上了
② linux下怎樣設置ssh無密碼登錄
有兩種方法,可以用證書實現無密碼登錄,或者sshpass命令可以指定ssh登陸密碼。
1、派出間諜
Step 1:執行ssh-keygen -t rsa,會在~/.ssh下生成兩個文件,id_isa和id_isa.pub
On one of the local LINUX (not SGI) machines, generate an id_rsa and id_rsa.pub pair as follows (this machine will subsequently be referred to as your home machine):
ssh-keygen will create the files ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub.
Step 2: Copy the contents of ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys on any and all machines to which you want to be able to ssh to without being prompted for a password
可以用下面的命令完成此步驟:
cat id_rsa.pub |ssh [email protected] 『cat ->> ~/.ssh/authorized_keys』
2、用sshpass程序
安裝:
tar zxf sshpass-1.05.tar.gz
cd sshpass-1.05
./configure;make;make install
which sshpass
/usr/local/bin/sshpass
實例:
sshpass -p 「passwd」 ssh root@ip