ssh-keygen非交互式创建秘钥对

作者:马帅琦
归档:day38
时间:2019/4/23

1.ssh-keygen非交互式创建秘钥对:
具体命令:ssh-keygen -f ~/.ssh/id_rsa -P '' -q
参数讲解:

  •    ssh-keygen:密钥对创建工具
    [-P old_passphrase]  密码
        [-f output_keyfile]  输出的秘钥文件
        [-q]       不输出信息      
    [-t dsa ]  指定秘钥类型。
    

2.ssh-copy-id不需要提示yes/no分发秘钥
具体命令:ssh-copy-id -f -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no 172.16.1.8

参数讲解:
    ssh-copy-id  -f   -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no root172.16.1.8
ssh-copy-id [-f] [-i [identity_file]] [-p port] [[-o ] ...] [user@]hostname
说明:
-f: force mode 强制
[-i [identity_file]] 指定秘钥文件
[[-o ] ...] 指定ssh参数选项。

3.sshpass工具:指定密码非人工交互分发秘钥
sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.7

[root@web02 ~]# sshpass -help
Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters
sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.7
sshpass [-f|-d|-p|-e] [-hV] command parameters

参数讲解:
-p password   Provide password as argument (security unwise)    #指定用户密码操作

4.一键配置实践

把web02作为分发服务器:
web02(8)-->m01(61)
web02(8)-->web01(7)

ssh-keygen -f ~/.ssh/id_rsa  -P '' -q
ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.7
sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.7

#!/bin/bash
#yum install sshpass -y
ssh-keygen -f ~/.ssh/id_rsa  -P '' -q
for ip in 7 61
do
  sshpass -p123456 ssh-copy-id -f -i ~/.ssh/id_rsa.pub "-o StrictHostKeyChecking=no" 172.16.1.$ip
done
#test
ssh 172.16.1.7 "ifconfig eth0"
ssh 172.16.1.61 "ifconfig eth0"

你可能感兴趣的:(ssh-keygen非交互式创建秘钥对)