ssh 实现基于key验证之双向验证

【实验需求】

1、配置三台主机之间基于ssh的key验证，host1、host2、host3之间互相进行远程访问时无需输入密码。

【实验环境】

host1: 192.168.119.129

host2: 192.168.119.146

host3: 192.168.119.150

【实验脚本】

#!/bin/bash

LOCAL_IP=`ip a show eth0 | awk -F'[ /]+' '/\<inet\>/{print $3}'`
password=wuhaolam
# 人为指定主机
HOSTLIST='
192.168.119.146
192.168.119.150
'
# 自动扫描网段内主机
# NET=192.168.119
# for HOST in {1..254};do
# 	IP="$NET"."$HOST"
#	ping -c 1 -w 1 $IP &> /dev/null && echo $IP >> IP_alive.txt &
# done

if [ ! -e /root/.ssh/id_rsa ];then
  echo -e "\E[1;32m开始生成密钥对...\E[0m"
  ssh-keygen -P "" -f /root/.ssh/id_rsa &> /dev/null
else
  echo -e "\E[1;34m密钥对已经存在\E[0m"
fi



if ! rpm -q sshpass &> /dev/null;then
  yum -y install sshpass &> /dev/null || { echo -e '\E[1;31m"error: sshpass packet install false!"\E[0m'; exit; }
fi

sshpass -p $password ssh-copy-id -o StrictHostKeyChecking=no $LOCAL_IP &> /dev/null

for IP in $HOSTLIST; do
  sshpass -p $password scp -o StrictHostKeyChecking=no -r /root/.ssh $IP:/root/ &> /dev/null
  echo $IP key_authentication already done.
done

for IP in $HOSTLIST; do
  scp /root/.ssh/known_hosts $IP:/root/.ssh/ &> /dev/null
done

echo -e "\E[1;32msuccessful\E[0m"