#!/bin/bash
# BY kerryhu
#
MAIL:king_819@163.com
# BLOG:http://kerry.blog.51cto.com
# Please manual
operation yum of before Operation.....
一、建立信任关系
192.168.9.203 为管理机
192.168.9.201 192.168.9.202
为远程linux服务器
1、在管理机生成证书、
[root@manage ~]# ssh-keygen -t
rsa
Generating public/private rsa key
pair.
Enter file in which to save the key
(/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in
/root/.ssh/id_rsa. (私钥)
Your public key has been saved in
/root/.ssh/id_rsa.pub. (公钥)
The key fingerprint is:
36:ec:fc:db:b0:7f:81:7e:d0:1d:36:5e:29:dd:5b:a0
2、将管理机上的公钥传送到各远程服务器
如远程服务器更改了默认的ssh端口号,就使用scp -P
17173,17173为端口号
[root@manage .ssh]# scp id_rsa.pub
192.168.9.201:/root/.ssh/authorized_keys
[root@manage .ssh]# scp id_rsa.pub
192.168.9.202:/root/.ssh/authorized_keys
管理机与远程主机信任关系建立完毕
二、通过shell脚本批量修改远程服务器密码
如果要调用mkpasswd就得安装expect,使用mkpasswd可以随机产生密码
usage: mkpasswd [args] [user]
where arguments are:
-l # (length of password, default =
10)
-d # (min # of digits, default =
2)
-c # (min # of lowercase chars,
default = 2)
-C # (min # of uppercase chars,
default = 2)
-s # (min # of special chars,
default = 1)
-v (verbose, show passwd
interaction)
-p prog (program to set password,
default = passwd)
比如说你要指定一个长度为8,而且至少有三个大写字母的密码,那么可以这样输入:
mkpasswd -l 8 - C
3,好了,密码就会按你的要求随机产生了
yum -y install expect
ip_list.txt为远程服务器IP列表
[root@manage .ssh]# cat
ip_list.txt
192.168.9.201
192.168.9.202
如果远程服务器修改了默认ssh的端口号,就使用ssh -p
17173,17173为端口号
#!/bin/bash
#============== Though ssh remote server
,auto modify ROOT passwd =============#
for IP in `cat /root/ip_list.txt`
#导入远程要修改主机的IP
do
#========================= 创建远程主机密码
==========================#
TMP_PWD=`mkpasswd -l 8 -C 3`
R_PWD=`echo ${IP}_${TMP_PWD}`
echo "${IP}_${TMP_PWD}" >
R_PWD.txt
#=========================== 修改远程主机密码
========================#
if [ $? = 0 ] ; then
ssh $IP passwd root --stdin < R_PWD.txt
echo -e "$(date "+%Y-%m-%d %H:%M:%S")\t${IP}\t${R_PWD}\t" >>
R_Server.log
else
echo -e "$(date "+%Y-%m-%d %H:%M:%S")\t${IP} R_PWD.txt is create
fail\tplease check!\t" >> M_pass.log
fi
if [ $? = 0 ] ; then
echo -e "$(date "+%Y-%m-%d %H:%M:%S")\tThe ${IP} passwd is modify
OK\t" >> M_pass.log
else
echo -e "$(date "+%Y-%m-%d %H:%M:%S")\tThe ${IP} passwd is modify
fail\tplease check!\t" >> M_pass.log
fi
done
本文出自 “聆听未来” 博客,请务必保留此出处http://blog.chinaunix.net/space.php?uid=9419692&do=blog&id=3184117
