Essential for operation and maintenance: automated script for batch SSH password-free login of Linux machines

During the operation and maintenance of a large project, maintenance engineer Xiao Li needs to perform a routine system update task on dozens of Linux servers. In order to ensure the efficient completion of the task, he needs to implement SSH password-free login between all target servers, so as to avoid manually entering the password every time to log in and improve work efficiency. However, manually configuring password-free login for each server is not only time-consuming, but also prone to errors.

To solve this problem, Xiao Li decided to write a Shell script to automatically configure SSH password-free login between all target servers in batches. This article will detail how to achieve this goal through Shell scripts to help operation and maintenance personnel easily handle similar batch management tasks.

Implementation ideas

• First generate an SSH key pair on your local machine, if you haven't already done so;
• Next, prepare a file containing the target server IP address and a remote username and password for logging in;
• Then write a shell script to read the server list and use the sshpass tool and ssh-copy-id command to copy the local public key to the ~/.ssh/authorized_keys file of each remote server to achieve password-free login;
• Finally, by executing the script, SSH password-free login for all target servers is automatically configured in batches to simplify and automate operation and maintenance operations.

Scripting

This shell script is used to distribute SSH public keys to multiple target hosts in batches to achieve password-free login. The script first checks the necessary dependencies and inputs, then iterates over the target host list and copies the locally generated SSH public key to each target host.

(1) Set the public key file path

 PUB_KEY_FILE="$HOME/.ssh/id_rsa.pub"

Defines the path of the local public key file. The default path is ~/.ssh/id_rsa.pub.

(2) Check whether sshpass is installed

 # 检查sshpass是否安装if ! command -v sshpass &> /dev/null; then echo "sshpass 未安装。请先安装sshpass，然后再运行此脚本。" exit 1 fi

Use command -v to check whether the sshpass tool is installed in the system. If not, prompt the user to install it and exit the script.

(3) Set the target host list file and check whether the file exists

 host_list_file="$1" if [ ! -f "$host_list_file" ]; then echo "错误: 文件'$host_list_file' 不存在" exit 1 fi

Assign the first command line argument (the target host list file) to the host_list_file variable.

(4) Read the target host list and distribute the public key

 while IFS= read -r host; do echo "正在处理$host..." ...... done < "$host_list_file"

Use a while loop to read the target host list file line by line, read a host address each time and assign it to the host variable.

(5) Generate an SSH key pair

 if [ ! -f ~/.ssh/id_rsa ]; then ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa fi

Check whether the SSH private key file ~/.ssh/id_rsa already exists locally. If not, generate a new SSH key pair.

(6) Use sshpass and ssh-copy-id to copy the public key to the target host

 sshpass -p "$password" ssh-copy-id -i ~/.ssh/id_rsa.pub "-p $ssh_port" "$host"

Use the sshpass tool to provide the password, and use the ssh-copy-id command to copy the local public key to the ~/.ssh/authorized_keys file of the target host. Specify the SSH port and the target host address.

Script Usage

Four test machines are prepared here, as shown below:

Create a new file named deploy_ssh_keys.sh on the jump server, copy the script content into it, and then save and exit. As shown below:

Then, grant execution permissions to the script and execute the following command:

 chmod +x deploy_ssh_keys.sh

Next, create a new file named ip.txt to store the IP list. The content format is as follows:

 192.168.31.185 192.168.31.232 192.168.31.210 192.168.31.209

Run the following command to execute the script file

 ./deploy_ssh_keys.sh ip.txt 22 123456

After successful execution, the following information will be output.

Finally, I found a machine on the jump server to test it, and the input results are as follows:

in conclusion

Through the above steps and Shell scripts, you can easily implement SSH password-free login between multiple Linux servers. This method is suitable for scenarios that require batch management and automated operation and maintenance, and can greatly improve work efficiency. I hope this tutorial is helpful to you!