- 论坛徽章:
- 3
|
学生党:飘过~,再来一个公钥分发的脚本
- $ cat trans_authorized_key.sh
- #!/bin/bash
- . /etc/init.d/functions
- #usage: expect trans_authorized_key.exp <pbkey_name> <rusername> <rpassword> <remoteip>
- for remoteip in 172.24.10.{2..5}
- do
- >.res
- expect trans_authorized_key.exp ~/.ssh/id_dsa.pub root yinhe@123 ${remoteip} >/dev/null 2>&1
- if [[ $(cat .res) == 0 ]];then
- action "${remoteip}" /bin/true
- else
- action "${remoteip}" /bin/false
- fi
- done
复制代码
- $ cat trans_authorized_key.exp
- #!/usr/bin/expect
- if { $argc != 4 } {
- send_user "usage expect trans_authorized_key.exp pbkey_name rusername rpassword remoteip\n"
- exit
- }
- #define var
- set pb_key [lindex $argv 0]
- set rm_usr [lindex $argv 1]
- set rm_pas [lindex $argv 2]
- set rm_ips [lindex $argv 3]
- #spawn ssh-copy-id -i id_rsa.pub yhsafe@172.24.10.2
- spawn ssh-copy-id -i $pb_key $rm_usr@$rm_ips
- expect {
- "*expecting." {send_user [exec echo "0" >> .res]}
- "yes/no" {exp_send "yes\n" }
- "*password:" {exp_send "$rm_pas\n" }
- }
- wait
- expect eof
- exit
复制代码 如果要php->apache越权访问任何节点服务器信息那就顺便visodu一下Defaults~即安全又方便~当然节点服务器那就禁止root登录用低权限用户sudo~安全又方便测试 |
|