批量修改远程linux服务器密码
2889 点击·0 回帖
灯火互联
楼主
 |  | |
 | #!/bin/bash # BY kerryhu #MAIL:king_819@163.com # BLOG:http://kerry.blog.51cto.com # Please manualoperation yum of before Operation..... 一、建立信任关系 192.168.9.203 为管理机 192.168.9.201 192.168.9.202为远程linux服务器 1、在管理机生成证书、 [root@manage ~]# ssh-keygen -trsa Generating public/private rsa keypair. Enter file in which to save the key(/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in/root/.ssh/id_rsa. (私钥) Your public key has been saved in/root/.ssh/id_rsa.pub. (公钥) The key fingerprint is: 36:ec:fc:db:b0:7f:81:7e:d0:1d:36:5e:29:dd:5b:a0 2、将管理机上的公钥传送到各远程服务器 如远程服务器更改了默认的ssh端口号,就使用scp -P17173,17173为端口号 [root@manage .ssh]# scp id_rsa.pub192.168.9.201:/root/.ssh/authorized_keys [root@manage .ssh]# scp id_rsa.pub192.168.9.202:/root/.ssh/authorized_keys 管理机与远程主机信任关系建立完毕 二、通过shell脚本批量修改远程服务器密码 如果要调用mkpasswd就得安装expect,使用mkpasswd可以随机产生密码 usage: mkpasswd [args] [user] where arguments are: -l # (length of password, default =10) -d # (min # of digits, default =2) -c # (min # of lowercase chars, default =2) -C # (min # of uppercase chars, default =2) -s # (min # of special chars, default =1) -v (verbose, show passwdinteraction) -p prog (program to set password, default =passwd) 比如说你要指定一个长度为8,而且至少有三个大写字母的密码,那么可以这样输入: mkpasswd -l 8 - C3,好了,密码就会按你的要求随机产生了 yum -y install expect ip_list.txt为远程服务器IP列表 [root@manage .ssh]# catip_list.txt 192.168.9.201 192.168.9.202 如果远程服务器修改了默认ssh的端口号,就使用ssh -p17173,17173为端口号 #!/bin/bash #============== Though ssh remote server,auto modify ROOT passwd =============# for IP in `cat /root/ip_list.txt`#导入远程要修改主机的IP do #========================= 创建远程主机密码==========================# TMP_PWD=`mkpasswd -l 8 -C 3` R_PWD=`echo ${IP}_${TMP_PWD}` echo "${IP}_${TMP_PWD}" >R_PWD.txt #=========================== 修改远程主机密码========================# if [ $? = 0 ] ; then ssh $IP passwd root --stdin <R_PWD.txt echo -e "$(date "+%Y-%m-%d%H:%M:%S")t${IP}t${R_PWD}t" >> R_Server.log else echo -e "$(date "+%Y-%m-%d%H:%M:%S")t${IP} R_PWD.txt is create failtplease check!t" >>M_pass.log fi if [ $? = 0 ] ; then echo -e "$(date "+%Y-%m-%d%H:%M:%S")tThe ${IP} passwd is modify OKt" >>M_pass.log else echo -e "$(date "+%Y-%m-%d%H:%M:%S")tThe ${IP} passwd is modify failtplease check!t" >>M_pass.log fi done | |
 |  |