bash&shell系列文章:http://www.cnblogs.com/f-ck-need-u/p/7048359.html
<http://www.cnblogs.com/f-ck-need-u/p/7048359.html#blogshell>

expect工具可以实现自动应答,从而达到非交互的目的。

expect具体使用用法比较复杂,中文手册我正在翻译中,以后翻译完了做了整理再补。本文只有几个ssh相关最可能用上的示例。
yum -y install expect
1.1 scp自动应答脚本

以下是scp自动问答的脚本。
[[email protected] ~]# cat autoscp.exp #!/usr/bin/expect
########################################################### # description: scp
without interactive # # author : 骏马金龙 # # blog : http://
www.cnblogs.com/f-ck-need-u/ #
########################################################### set timeout10 set
user_hostname [lindex $argv0] set src_file [lindex $argv 1] set dest_file
[lindex $argv2] set password [lindex $argv 3] spawn scp $src_file
$user_hostname:$dest_file expect {"(yes/no)?" { send "yes\n" expect "*assword:"
{ send"$password\n"} } "*assword:" { send "$password\n" } } expect "100%"
expect eof
用法:autoscp.exp [[email protected]]hostname src_file dest_file [password]


该自动回答脚本可以自动完成主机验证和密码认证,即使已经是实现公钥认证的机器也没问题,因为公钥认证机制默认优先于密码认证,且此脚本的password项是可选的,当然,在没有实现公钥认证的情况下,password是必须项,否则expect实现非交互的目的就失去意义了。

以下是几个示例:
[[email protected] ~]# ./autoscp.exp 172.16.10.6 /etc/fstab /tmp 123456 spawn scp
/etc/fstab172.16.10.6:/tmp The authenticity of host '172.16.10.6 (172.16.10.6)'
can't be established. RSA key fingerprint is f3:f8:e2:33:b4:b1:92:0d:5b:95:3b:97
:d9:3a:f0:cf. Are you sure you want to continue connecting (yes/no)? yes #
主机验证时询问是否保存host key,自动回答yes Warning: Permanently added'172.16.10.6' (RSA) to
the list of known hosts. [email protected]'s password: # 密码认证过程,自动回答指定的密码"123456"
fstab100% 805 0.8KB/s 00:00
也可以指定完成的用户名和主机名。
[[email protected] ~]# ./autoscp.exp [email protected] /etc/fstab /tmp 123456 spawn scp
/etc/fstab [email protected]:/tmp [email protected]'s password: fstab 100% 805 0
.8KB/s00:00
<>

1.2 ssh-copy-id自动应答脚本

以下是在建立公钥认证机制时,ssh-copy-id拷贝公钥到服务端的自动应答脚本。
[[email protected] ~]# cat /tmp/autocopy.exp #!/usr/bin/expect
########################################################### # description:scp
without interactive # # author : 骏马金龙 # # blog : http://
www.cnblogs.com/f-ck-need-u/ #
########################################################### set timeout10 set
user_hostname [lindex $argv0] set password [lindex $argv 1] spawn ssh-copy-id
$user_hostname expect {"(yes/no)?" { send "yes\n" expect "*assword:" { send "
$password\n"} } "*assword:" { send "$password\n" } } expect eof
用法:autocopy.exp [[email protected]]hostname password

以下是一个示例,
[[email protected] ~]# /tmp/autocopy.exp [email protected] 123456 spawn ssh-copy-id
[email protected] The authenticity of host '172.16.10.6 (172.16.10.6)' can't be
established. RSA key fingerprint is f3:f8:e2:33:b4:b1:92:0d:5b:95:3b:97
:d9:3a:f0:cf. Are you sure you want to continue connecting (yes/no)? yes #
主机认证时,自动应答yes Warning: Permanently added'172.16.10.6' (RSA) to the list of
known hosts. [email protected]'s password: # 密码认证时自动输入密码"123456" Now try logging
into the machine, with"ssh '[email protected]'", and check in: .ssh/
authorized_keys tomake sure we haven't added extra keys that you weren't
expecting.
1.3 批量ssh-copy-id自动应答

如果要实现批量非交互,则可以写一个shell脚本调用该expect脚本。例如:
[[email protected] ~]# cat /tmp/sci.sh #!/bin/bash
########################################################### # description:scp
without interactive # # author : 骏马金龙 # # blog : http://
www.cnblogs.com/f-ck-need-u/ #
###########################################################passwd=123456 #
指定要传递的密码为123456 user_host=`awk '{print $3}' ~/.ssh/id_rsa.pub` #
此变量用于判断远程主机中是否已添加本机信息成功for i in [email protected] do /tmp/autocopy.exp $i $passwd >&/dev/null
ssh $i "grep "$user_host" ~/.ssh/authorized_keys" >&/dev/null # 判断是否添加本机信息成功 if
[ $? -eq0 ];then echo "$i is ok" else echo "$i is not ok" fi done
用法:/tmp/sci.sh [[email protected]]hostname


其中hostname部分可以使用花括号展开方式枚举。但有个bug,最好ssh-copy-id的目标不要是脚本所在的本机,可能会强制输入本机密码,但批量脚本autocopy.exp则没有此bug。

例如:
[[email protected] tmp]# /tmp/sci.sh 172.16.10.3 172.16.10.6 172.16.10.3 is ok 172.16.
10.6 is ok [[email protected] tmp]# /tmp/sci.sh 172.16.10.{3,6} 172.16.10.3 is ok
172.16.10.6 is ok [[email protected] tmp]# /tmp/sci.sh [email protected] 172.16.10.6
[email protected] is ok 172.16.10.6 is ok