linux自动交互工具expect,tcl安装,以及自动互信脚本
工作中需要对几十台服务器做自动互信,无意中发现expect命令,研究一番。
在网上找了许多资料也没有安装成功,摸索着总算成功了。现分享如下。
expect命令在自动交互中很好用。
系统:虚拟机fedora14,32位。
[root@Linux ~]# uname -a
Linux Linux 2.6.35.6-45.fc14.i686 #1 SMP Mon Oct 18 23:56:17 UTC 2010 i686 i686 i386 GNU/Linux
安装包:
-rw-r--r--. 1 root root 525572 Aug 5 19:22 expect-5.43.0.tar.gz
-rw-r--r--. 1 root root 3641017 Jul 23 13:28 tcl8.4.16-src.tar.gz
安装步骤:
解压安装tcl:
tar zxvf tcl8.4.16-src.tar.gz;
[root@Linux ~]# cd tcl8.4.16/unix/
./configure
make
make install
cp tclUnixPort.h ../generic/
解压安装expect:
tar zxvf expect-5.43.0.tar.gz;
[root@Linux ~]# cd expect-5.43
[root@Linux expect-5.43]# ./configure --with-tcl=/usr/local/lib/ --with-tclinclude=/usr/log/tcl8.4.16/generic --with-x=no
上面配置这句是关键。
按照自己的tcl安装位置修改tcl=/usr/local/lib/
修改tclinclude=/root/tcl8.4.16/generic 这个目录是上面安装tcl文件夹的目录。
make
make install
--建立连接。
ln -s /usr/local/bin/expect /usr/bin/expect
--定义别名。使用ep代替expect。
echo "alias ep='expect'" >>/root/.bashrc
本步骤也在linux redhat5.5 64位系统中安装成功。
[root@HN509-AQ-WEB log]# uname -a
Linux HN509-AQ-WEB 2.6.18-194.el5 #1 SMP Tue Mar 16 21:52:39 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
安装包以及互信脚本详细地址:
http://download.csdn.net/detail/network__yang/5886409
有什么问题可以互相探讨。
-------------------------------------------------------------------------------------------
以下是自动互信脚本的思考步骤,仅供参考。互相学习。
先删除以前的密匙。
[root@HN509-AQ-WEB .ssh]# rm -f ~/.ssh/id_rsa*
没有重复文件的生成步骤:需要3次按键。
[root@HN509-AQ-WEB .ssh]# ssh-keygen -b 1024 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 1
Enter passphrase (empty for no passphrase): 2
Enter same passphrase again: 3
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
f2:94:41:fb:1b:26:f5:8e:43:05:0e:e0:47:ce:b4:e4 root@HN509-AQ-WEB
如果以前已经生成,则需要4不按键。
[root@HN509-AQ-WEB .ssh]# ssh-keygen -b 1024 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
88:b3:05:27:c3:9f:1d:a7:92:88:4b:83:b6:44:db:b8 root@HN509-AQ-WEB
此脚本只适用于,/root/.ssh/文件夹下有id_rsa和id_rsa.pub文件的情况。
[root@HN509-AQ-WEB log]# cat tmp.sh
#!/usr/bin/expect
spawn ssh-keygen -b 1024 -t rsa
expect *key*
send \r
expect *verwrite*
send y\r
expect *passphrase*
send \r
expect *again:
send \r
interact
为了适应所有情况。建议执行前,在脚本中把id_rsa和id_rsa.pub文件删除。rm -f ~/.ssh/id_rsa*
先删除以前的密匙。
[root@HN509-AQ-WEB .ssh]# rm -f ~/.ssh/id_rsa*
没有重复文件的生成步骤:需要3次按键。
[root@HN509-AQ-WEB .ssh]# ssh-keygen -b 1024 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 1
Enter passphrase (empty for no passphrase): 2
Enter same passphrase again: 3
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
f2:94:41:fb:1b:26:f5:8e:43:05:0e:e0:47:ce:b4:e4 root@HN509-AQ-WEB
执行脚本。
[root@HN509-AQ-WEB log]# cat tmp.sh
#!/usr/bin/expect
spawn ssh-keygen -b 1024 -t rsa
expect *key*
send \r
expect *empty*
send \r
expect *again:
send \r
interact
传输公匙文件,这里是直接传输~/.ssh/到对端。由于对端可能没有~/.ssh/文件夹,还需要建,所以直接传输文件夹。
[root@HN509-AQ-WEB log]# cat tmp.10.7.1.29.sh
#!/usr/bin/expect
spawn scp -r /root/.ssh root@10.7.1.29:~/
expect *assword*
send \r
expect *assword*
send thinker\r
interact
如果是一台没有登陆过的服务器,在本机的know_hosts里面由于没有相应的公匙,所以会提示是否增加这个文件。
先删除本机的know_hosts文件,
rm -f ~/.ssh/known_hosts
修改自动脚本。
spawn scp -r /root/.ssh root@10.7.1.31:~/
The authenticity of host '10.7.1.31 (10.7.1.31)' can't be established.
RSA key fingerprint is 94:91:b1:7c:77:54:b9:72:c8:57:ca:c8:ec:20:7f:8c.
Are you sure you want to continue connecting (yes/no)?
Host key verification failed.
[root@HN509-AQ-WEB log]# cat tmp.10.7.1.29.sh
#!/usr/bin/expect
spawn scp -r /root/.ssh root@10.7.1.29:~/
expect *yes*
send yes\r
expect *assword*
send \r
expect *assword*
send thinker\r
interact