Experiment Description:
In automatic deployment, other SSH machines will often operate. However, each password authentication is very annoying, especially for a long password, so SSH password free login is essential;
When there are many machines, Ansible is often used to distribute and execute SSH password free login scripts, so that each machine can be password free login.
Experimental environment:
- Host system: Fedora 28 WorkStation
- Virtual Machine Manager: virt manager 1.5.1
-
Virtual machine configuration: ha1 CentOS 7.2 1511 (minimal) virbr0: 192.168.122.57
ha2 CentOS 7.2 1511 (minimal) virbr0: 192.168.122.58
ha3 CentOS 7.2 1511 (minimal) virbr0: 192.168.122.59
Experimental steps:
-
Install the system and configure the network (all virtual machines need to be networked)
-
First operate the first virtual machine (ha1)
-
Write the mapping relationship between host name and IP
1 [root@ha1 ~]# vi /etc/hosts 2 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 3 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 4 192.168.122.57 ha1 5 192.168.122.58 ha2 6 192.168.122.59 ha3
-
Create public key
1 [root@ha1 ~]# ssh-keygen -t rsa 2 Generating public/private rsa key pair. 3 Enter file in which to save the key (/root/.ssh/id_rsa): 4 /root/.ssh/id_rsa already exists. 5 Overwrite (y/n)? y 6 Enter passphrase (empty for no passphrase): 7 Enter same passphrase again: 8 Your identification has been saved in /root/.ssh/id_rsa. 9 Your public key has been saved in /root/.ssh/id_rsa.pub. 10 The key fingerprint is: 11 40:c3:81:eb:60:49:2e:f7:fe:59:bb:ef:7d:ad:bb:06 root@ha2 12 The key's randomart image is: 13 +--[ RSA 2048]----+ 14 | o+. | 15 | . .... | 16 | o . .. | 17 |. * . . | 18 | + + S | 19 | o E | 20 | . . . . | 21 | . o . . o .| 22 | .o o+o .o++ | 23 +-----------------+
-
Send public key to remote machine
1 [root@ha1 ~]# ssh-copy-id root@192.168.122.58 2 [root@ha1 ~]# ssh-copy-id root@192.168.122.59
-
The above is the way of executing commands one by one for a single virtual machine. Write the above operations into a script (the script is at the PS at the end of this article)
-
Next, operate other virtual machines (ha2, ha3)
1 # virtual machine ha2 2 [root@ha2 ~]# chmod 777 build-ssh-credit.sh 3 [root@ha2 ~]# ./build-ssh-credit.sh
1 # virtual machine ha3 2 [root@ha3 ~]# chmod 777 build-ssh-credit.sh 3 [root@ha3 ~]# ./build-ssh-credit.sh
-
So far, the three virtual machines do not need to enter a password to access each other, which realizes SSH password free login
-
Complete!!!
PS: public key initialization and SSH password free login script (build SSH credit. SH), which can be directly copied for use.
#!/usr/bin/bash # install expect,minimal No such thing rpm Package, networking or local yum source yum install expect -y expect << EOF set timeout 10 # Create public key spawn ssh-keygen -t rsa expect { "*to save the key" {send "\n";exp_continue} "*(y/n)" {send "y\r";exp_continue} "Enter passphrase" {send "\n";exp_continue} "Enter same passphrase" {send "\n";exp_continue} } EOF # Obtain/etc/hosts In addition to documents localhost Mapping of ip_list=`grep -v 'localhost' /etc/hosts | awk -F ' ' '{print $1,$2}'` for ip in $ip_list do expect << EOF set timeout 2 # Send public key spawn ssh-copy-id root@$ip expect { "yes/no" {send "yes\r";exp_continue} "password" {send "000000\r";exp_continue} } # Copy/etc/hosts File to remote machine spawn scp /etc/hosts $ip:/etc expect { "yes/no" {send "yes\r";exp_continue} "password" {send "root\r";exp_continue} } EOF done