Links: https://pan.baidu.com/s/1woaT0qcQmhzWKpM-YsA76g
Extraction code: m8j7
[root@server1 ~]# cat /home/auth/README.md
Use step: # install the package on the actuator expect localinstall -Y TCL-8.5.13-8.el7.x86_64.rpm yum-5.45-14.el7_1.x86_64.rpm expect 1. The execution machine into the directory auth / Home under 2. execute ssh-keygen in the implementation of machine - t rsa, has a carriage return. The establishment of a public key (remote end use) and private (local use) # parameter represents the use -t rsa rsa encryption algorithm # After execution, will be in / home / user /.ssh current directory (root user in /root/.ssh ) find id_rsa (private key) and id_rsa.pub (public key) under 2. increase the X-+ execute permissions chmod / Home / auth / chroot.exp 3 . the machine will need to do mutual trust ip ips written to a file 4. execute sh / Home / auth / Exec .sh to complete mutual trust
[root@server1 ~]# cat /home/auth/ips
192.168.0.104 192.168.0.109 192.168.0.108 192.168.0.102 192.168.0.105 192.168.0.106
[root@server1 ~]# cat /home/auth/exec.sh
#!/bin/bash for ip in `cat /home/auth/ips` do /home/auth/chroot.exp $ip >/dev/null echo "$ip" done
[root@server1 ~]# cat /home/auth/chroot.exp
# ! / Usr / bin / the Expect # lindex $ argv 0 represents the IP behind with this variable take .exp file the first character in the SET IP [lindex $ argv 0] the SET ANSWER yes the SET PASSWD RedHat # Set the timeout time, in seconds -1 means wait indefinitely the SET timeout -1 # SSH-copy-the above mentioned id command to copy the public key of the local host to the remote host's authorized_keys file, ssh-copy-id command to the remote host will be the user's home directory (home ) and ~ / .ssh, and ~ / .ssh / authorized_keys set the appropriate permissions. -i file specifies the public spawn SSH-Copy-the above mentioned id -i /root/.ssh/ id_rsa.pub root @ $ IP # judge expect the results in the previous output contains connecting string containing sends $ ANSWER. No transmission to wait for some time, this wait time is the value of the timeout preceding Expect { # Enter $ in the ANSWER interface connecting the matched character which, when executed later sqawn command, without this interaction, ecp_continue means skip continue carried out under a matching interface. \ r represents the back of the line, interpreted here as a carriage return. " * Connecting " {the send " ANSWER $ \ r " ; exp_continue} " * password " {the send " $ PASSWD \ r " } } # exit expect the environment, interact representatives expect to stay in the environment expect eof