linux實現ssh免密
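#!/bin/bash
# setup-ssh-key.sh - configure SSH public-key (passwordless) login on a host
# Usage: ./setup-ssh-key.sh [USER@]HOST [-p PORT]
#
# What it does:
#   1. Ensures ~/.ssh exists locally with mode 700.
#   2. Generates ~/.ssh/id_rsa (RSA 4096, empty passphrase) if it is missing.
#   3. Appends the public key to the remote ~/.ssh/authorized_keys, skipping
#      the append when the exact key line is already present.
#
# Security notes:
#   - Host-key checking is left at the ssh default. On first contact ssh shows
#     the host fingerprint and asks for confirmation; compare it with a value
#     obtained out of band. Disabling the check would send the account
#     password, and install a long-lived key, on a host nobody authenticated.
#   - The generated private key has no passphrase, so anyone who can read
#     ~/.ssh/id_rsa can log in wherever the key is authorized. Protect the
#     file, or use a passphrase together with ssh-agent where that is possible.
#   - The public key is sent over stdin and the remote command is a constant
#     string, so the key's content is never interpreted by the remote shell.
set -euo pipefail

# Print usage and exit with status 1.
show_usage() {
  echo "用法: $0 [USER@]HOST [-p PORT]"
  echo "示例:"
  echo " $0 root@192.168.1.100"
  echo " $0 ubuntu@10.0.0.5 -p 2222"
  exit 1
}

if [[ $# -eq 0 ]]; then
  show_usage
fi

# Parse arguments.
HOST=""
PORT="22"
# Kept in its own variable so the exported USER of this shell is not clobbered.
REMOTE_USER="${USER:-$(whoami)}"

while [[ $# -gt 0 ]]; do
  case "$1" in
    -p|--port)
      # ${2:-} avoids an "unbound variable" abort under `set -u` when -p is
      # the last argument, so the friendly error below is what the user sees.
      if [[ -n "${2:-}" && ! "$2" =~ ^- ]]; then
        PORT="$2"
        shift 2
      else
        echo "错误: -p 需要指定端口号" >&2
        exit 1
      fi
      ;;
    -*)
      echo "未知选项: $1" >&2
      show_usage
      ;;
    *)
      HOST="$1"
      shift
      ;;
  esac
done

# Split USER and HOST (user@host form is supported).
if [[ "$HOST" == *@* ]]; then
  REMOTE_USER="${HOST%%@*}"
  HOST="${HOST##*@}"
fi

# Checked after the split so that "user@" with no host is rejected as well.
if [[ -z "$HOST" ]]; then
  echo "错误: 未指定目标主机" >&2
  show_usage
fi

# The port must be a decimal number in 1..65535. The length cap keeps the
# arithmetic comparison from overflowing; 10# stops a leading zero from being
# read as octal.
if [[ ! "$PORT" =~ ^[0-9]{1,5}$ ]] || (( 10#$PORT < 1 || 10#$PORT > 65535 )); then
  echo "错误: 端口号无效: $PORT" >&2
  exit 1
fi

echo "🔧 准备为 ${REMOTE_USER}@${HOST}:${PORT} 配置 SSH 免密登录..."

# Make sure the local .ssh directory exists before anything is written to it.
mkdir -p "$HOME/.ssh"
chmod 700 "$HOME/.ssh"

# Reuse the default key when present, otherwise generate one.
SSH_KEY="$HOME/.ssh/id_rsa"
if [[ ! -f "$SSH_KEY" ]]; then
  echo "🔑 本地未找到 SSH 密钥,正在生成新密钥(无密码)..."
  # -N "" creates an unencrypted private key; see the security notes above.
  ssh-keygen -t rsa -b 4096 -f "$SSH_KEY" -N "" -C "auto-generated for ${REMOTE_USER}@${HOST}"
else
  echo "✅ 已存在本地 SSH 密钥: $SSH_KEY"
fi

# The public half must exist; it is the only thing sent to the remote side.
if [[ ! -f "${SSH_KEY}.pub" ]]; then
  echo "❌ 公钥文件不存在: ${SSH_KEY}.pub" >&2
  exit 1
fi

# Remote side: create ~/.ssh and authorized_keys with tight permissions, read
# one key line from stdin, and append it only if that exact line is absent.
# Single-quoted on purpose: nothing local is expanded into the remote command.
REMOTE_CMD='umask 077 && mkdir -p ~/.ssh && chmod 700 ~/.ssh && touch ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys && { IFS= read -r key || [ -n "$key" ]; } && { grep -qxF -- "$key" ~/.ssh/authorized_keys || printf "%s\n" "$key" >> ~/.ssh/authorized_keys; }'

echo "📡 正在将公钥推送到 ${REMOTE_USER}@${HOST}:${PORT} ..."
# ssh reads the password and the host-key confirmation from the terminal, so
# stdin is free to carry the public key. Where it is installed, ssh-copy-id
# does the same job.
ssh -p "$PORT" -o ConnectTimeout=10 "${REMOTE_USER}@${HOST}" "$REMOTE_CMD" < "${SSH_KEY}.pub"

echo "✅ 免密登录配置完成!"
echo "🧪 测试连接: ssh -p ${PORT} ${REMOTE_USER}@${HOST}"

# Optional: test the connection (uncomment to enable). BatchMode=yes makes ssh
# fail instead of falling back to a password prompt, so success proves that
# key authentication works.
# ssh -p "$PORT" -o BatchMode=yes -o ConnectTimeout=5 "${REMOTE_USER}@${HOST}" "echo '✅ 连接成功!'"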