中心分发服务器A:Center-A:10.0.0.51
接收节点服务器B:Client-B:10.0.0.52
接收节点服务器C:Client-C:10.0.0.53
说明:由A发往B和C服务器
Center-A
如果用别的用户要提前在接收点的服务器上创建用户,并分别给予密码,
1.生成秘钥
[root@oldboy ~]# useradd -u 600 lican
[root@oldboy ~]# echo 'centos'|passwd lican --stdin
Changing password for user lican.
passwd: all authentication tokens updated successfully.
[root@oldboy ~]# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
b4:fc:d8:b3:f9:2c:eb:dd:74:13:02:28:00:90:e1:e3 root@oldboy
The key's randomart image is:
+--[ DSA 1024]----+
| o+... |
|.. . . |
| o ... . |
|. . o.. . |
| E S . . |
| + . .|
| . + ...|
| .* o ..|
| .=++ . |
+-----------------+
[root@oldboy ~]#
2.分发秘钥(要先执行步骤3增加用户)
[root@oldboy .ssh]# ssh-copy-id -i id_dsa.pub [email protected]
Now try logging into the machine, with "ssh '[email protected]'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@oldboy .ssh]#
这两台的接收点的服务器可以创建不同的用户,Center-A在分发的时候也可以指定两台服务器上面新建的不同用户,在分发秘钥前都得提前在接收节点服务器上增加用户,切记分发秘钥的时候 一定要在.ssh目录下
3.增加用户
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
Client-B和 Client-C [root@oldboy ~]# useradd fenfa [root@oldboy ~]# echo "123456"|passwd --stdin fenfa
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
备注:此处的用户可以是别的用户或者自己新加的用户,这个操作会把公钥的拷贝到相应用户的家目录下,本次是接收点的服务器,这两台的服务器都要加上次用户。
4.测试秘钥
测试: (在中心分发服务器A上测试):可以看出在下面测试成功秘钥
测试接收节点服务器B
[root@oldboy ~]# ssh [email protected]
Last login: Thu Apr 21 20:04:34 2016 from 10.0.0.51
[fenfa@oldboy ~]$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:C4:52:60
inet addr:10.0.0.52 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec4:5260/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:691 errors:0 dropped:0 overruns:0 frame:0
TX packets:201 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:71659 (69.9 KiB) TX bytes:27871 (27.2 KiB)
测试接收节点服务器C
[root@oldboy .ssh]# ssh [email protected]
Last login: Thu Apr 21 20:14:05 2016 from 10.0.0.51
[fenfa@oldboy ~]$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:36:85:75
inet addr:10.0.0.53 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe36:8575/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1230 errors:0 dropped:0 overruns:0 frame:0
TX packets:247 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:121826 (118.9 KiB) TX bytes:35820 (34.9 KiB)
5.测试批量分发:scp 分发(ok):
[root@oldboy ~]# mkdir -p /server/scripts/
[root@oldboy ~]# cd /server/scripts/
[root@oldboy scripts]# ls
ssh.sh
[root@oldboy scripts]# cat ssh.sh
scp -P22 /root/system_init.sh [email protected]:~
scp -P22 /root/system_init.sh [email protected]:~
[root@oldboy scripts]# bash ssh.sh
system_init.sh 100% 30 0.0KB/s 00:00
system_init.sh 100% 30 0.0KB/s 00:00
[root@oldboy scripts]#
rsync 分发(ok):
[root@oldboy scripts]# vim rsync.sh
rsync -avz --progress -e 'ssh -p22' /tmp/test [email protected]:/tmp/
rsync -avz --progress -e 'ssh -p22' /tmp/test [email protected]:/tmp/
[root@oldboy scripts]# bash rsync.sh
sending incremental file list
test
6 100% 0.00kB/s 0:00:00 (xfer#1, to-check=0/1)
sent 75 bytes received 31 bytes 42.40 bytes/sec
total size is 6 speedup is 0.06
sending incremental file list
test
6 100% 0.00kB/s 0:00:00 (xfer#1, to-check=0/1)
sent 75 bytes received 31 bytes 30.29 bytes/sec
total size is 6 speedup is 0.06
[root@oldboy scripts]#
6.脚本分发:
[root@oldboy scripts]# cat fenfajiaoben.sh
#!/bin/sh
. /etc/init.d/functions
file="$1"
remote_dir="$2"
if [ $# -ne 2 ];then
echo "usage:$0 argv1 argv2"
echo "must have two argvs."
exit
fi
for ip in `cat all_iplist.txt`
do
scp -P22 -r -p $file fenfa@$ip:$remote_dir >/dev/null 2>&1
if [ $? -eq 0 ];then
action "$ip is successful." /bin/true
else
action "$ip is failure." /bin/false
fi
done
[root@oldboy scripts]# cat all_iplist.txt
10.0.0.53
10.0.0.52
[root@oldboy scripts]#
[root@oldboy scripts]# bash fenfajiaoben.sh /tmp/test /tmp
10.0.0.53 is successful. [ OK ]
10.0.0.52 is successful. [ OK ]
bash 执行命令
fenfajiaoben.sh 执行脚本
/tmp/test 负责分发的本机文件
/tmp 接收端的目录