一、脚本说明

1、用法：./script.sh "user_name" "password_user" "password_root"

2、当互信的为非root用户时，先自动完成root的互信，然后检测指定用户是否存在，若不存在，则先创建，然后继续进行互信

3、缺点：

①所用服务器的所有互信用户，其所使用的rsa密钥，均为脚本所在服务器的root的rsa密钥

②需要所有服务器的root密码是一样的

二、脚本内容

#!/bin/bash

auth_user=$1

auth_passwd=$2 root_passwd=$3

#上面三个参数也可设置默认值，参考如下

#auth_user=${1:-postgres}

#auth_passwd=${2:-123456} #root_passwd=${3:-123456}

array_node=(gtm gtm_standby node1 node2)

function rsa_create {

rm -rf ~/.ssh/* /usr/bin/expect << EOF   spawn /usr/bin/ssh-keygen -t rsa   expect {          "*id_rsa):" {send "\n"; exp_continue}          "(y/n)?" {send "y\r"; exp_continue}          "passphrase" {send "\n"; exp_continue}          "again:" {send "\n"}              }   expect {          "*# " {send "exit\n\r"}                } EOF   rsa_key=`cat ~/.ssh/id_rsa.pub | awk '{print $1,$2}'`   cat /dev/null > ~/.ssh/authorized_keys   for node in `echo ${array_node[@]}`   do     echo "${rsa_key} ${1}@${node}" >> ~/.ssh/authorized_keys     if [ "$1" != "root" ]; then       echo "${rsa_key} root@${node}" >> ~/.ssh/authorized_keys     fi;   done; }

function rsa_scp {

for node in `echo ${array_node[@]}` do /usr/bin/expect << EOF   spawn /usr/bin/scp root :~/.ssh/* root@${node}:~/.ssh   expect {          "*yes/no*" {send "yes\r"; exp_continue}          expect {                 "*assword*" {send "${root_passwd}\r"}                 }          "*assword*" {send "${root_passwd}\r"}          }      expect "100%" EOF done; }

rsa_create "${auth_user}"

case "${auth_user}" in

  "root" )     rsa_scp   ;;   * )     rsa_scp     for node in `echo ${array_node[@]}`     do       user_status=`ssh root@${node} -T "id ${auth_user} >/dev/null 2>&1 ;echo $?"`     if [ $user_status -ne 0 ]; then       ssh root@${node} -T "useradd ${auth_user} ; echo 123456 | passwd -f --stdin ${auth_passwd} > /dev/null 2>&1"     fi;     ssh root@${node} -T "/bin/cp -r -f /root/.ssh/* /home/${auth_user}/.ssh/;chown -R ${auth_user}:${auth_user} /home/${1}/"     done;   ;; esac