python利用脚本轻松实现ssh免密登陆配置
作者:碧蓝幻想
1.安装python和pip包
yum install -y epel-release yum install -y python python-pip
2.pip安装依赖库
pip install pexpect # 此库用相当于linux中的expect命令
3.完整脚本
# coding=UTF-8
import sys,os,pexpect,subprocess
host_controller="192.168.174.150" # 控制节点IP地址
host_addresses=["192.168.174.151","192.168.174.152"] # 客户端们的IP地址
host_domains=["client1","client2"] # 客户端们的域名
host_username="root" # ssh连接的用户,控制端的用户为root
host_passwd="110119" # ssh连接的用户密码
# 本地创建ssh公钥
if os.path.exists("/root/.ssh/id_rsa.pub") == True:
print("\033[32m"+"ssh公钥已创建"+"\033[0m") # 输出绿色字体
else:
print("\033[32m"+"ssh公钥未创建,开始创建"+"\033[0m")
child = pexpect.spawn('ssh-keygen -t rsa -b 1024')
child.expect('Enter file in which to save the key')
child.sendline('')
child.expect('Enter passphrase')
child.sendline('')
child.expect('Enter same passphrase again')
child.sendline('')
child.expect(pexpect.EOF) # 用于等待子进程的结束
print(child.before.decode()) # 等待命令执行完毕并打印输出信息
print("\033[32m" + "ssh公钥已创建" + "\033[0m")
print("\n")
# 向被控主机添加公钥的方法
def add_ssh_public_key_client(address,username,password):
print("\033[32m"+"{}正在被添加公钥".format(address)+"\033[0m")
# BatchMode=yes:表示使SSH在连接过程中不会提示输入密码,而直接尝试免密连接,-o ConnectTimeout=5:表示限制连接超时时间为5秒
public_key_flag=os.system("ssh {}@{} -o BatchMode=yes -o ConnectTimeout=5 'exit'".format(username,address))
if public_key_flag== 0:
print("\033[32m" + "{}已经可以ssh连接".format(address) + "\033[0m")
return
child = pexpect.spawn('ssh-copy-id -i /root/.ssh/id_rsa.pub {}@{}'.format(username,address))
try:
child.expect('Are you sure you want to continue connecting')
except pexpect.TIMEOUT: # 如果try块中的咨询超时5秒没有出现就会出现异常pexpect.TIMEOUT
print("\033[32m"+"{}已经不是首次ssh连接了".format(address)+"\033[0m")
else: # 是否回答咨询yes
child.sendline('yes')
finally:
child.expect('password')
child.sendline(password)
child.expect(pexpect.EOF) # 用于等待子进程的结束
print(child.before.decode()) # 等待命令执行完毕并打印输出信息
# 测试ssh连接的方法
def test_ssh_connection(all_flag,address,username):
print("\033[32m" + "{}测试是否可以ssh连接".format(address) + "\033[0m")
flag=os.system('ssh {}@{} -o ConnectTimeout=5 "exit"'.format(username,address))
if flag==0:
print("\033[32m" + "Success: {}可以ssh免密连接".format(address) + "\033[0m")
else:
print("\033[1;31m" + "Failed: {}ssh免密连接失败".format(address) + "\033[0m") # 输出红色字体
all_flag=1
return all_flag
# 本地的密钥开始加入被控制主机
for i in range(0, len(host_addresses)):
add_ssh_public_key_client(host_addresses[i],host_username,host_passwd)
print("\n")
# 测试ssh连接
for i in range(0, len(host_addresses)):
final_flag=test_ssh_connection(0,host_addresses[i],host_username)
if final_flag ==1:
sys.exit("ssh测试失败,请检查!")
else:
print("\033[32m" + "Success: 全部可以ssh免密连接" + "\033[0m")
print("\n")4.执行结果
[root@server ~]# python ansible_auto.py
ssh公钥未创建,开始创建
:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:RvdYf1KOFDyKBuEB6DbFQdfNP9aBPs1/0vIFnutEj5E root@server
The key's randomart image is:
+---[RSA 1024]----+
| ++o+o o .o |
| . oo... o.oo |
| . . o...oo+oo|
| + . .o+.==B.|
| . . S.. .oE=+|
| . .=*=|
| o=+|
| .. .|
| .. |
+----[SHA256]-----+
ssh公钥已创建
192.168.174.151正在被添加公钥
:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.174.151'"
and check to make sure that only the key(s) you wanted were added.
192.168.174.152正在被添加公钥
:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.174.152'"
and check to make sure that only the key(s) you wanted were added.
Success: 192.168.174.151可以ssh免密连接
Success: 全部可以ssh免密连接
Success: 192.168.174.152可以ssh免密连接
Success: 全部可以ssh免密连接
到此这篇关于python利用脚本轻松实现ssh免密登陆配置的文章就介绍到这了,更多相关python ssh免密登陆配置内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家!