Set the remote user's umask to 077, this is so that any directories or files we're going to create, will have their permissions set accordingly like so: $ ls -ld ~/.ssh ~/.ssh/authorized_keysĭrwx- 2 remoteuser remoteuser 4096 May 21 22:58 /home/remoteuser/.ssh These are the commands that pssh will run on each server: ' \ '.cmds to add pubkey.' - this is the trickiest part of what's going on, so I'll break this down by itself (see below).-i tells pssh to send any output to STDOUT rather than store it in files (its default behavior).-A tells pssh to ask for your password and then reuse it for all the servers that it connects to.-l is the remote server's account (we're assuming you have the same username across the servers in the IP file).pssh uses the -I switch to ingest data via STDIN.cat outputs the public key file to pssh.The above script is generally structured like so: $ cat | pssh -h -l -A -I -i '.cmds to add pubkey.' Warning: do not enter your password if anyone else has superuser | pssh -h ips.txt -l remoteuser -A -I -i \ Here's an example that does the job: $ cat ~/.ssh/my_id_rsa.pub \ NOTE: Using this method doesn't allow you to use ssh-copy-id, however, so you'll need to roll your own method for appending your SSH pub key file to your remote account's ~/.ssh/authorized_keys file. Rather than type your password multiple times you can make use of pssh and its -A switch to prompt for it once, and then feed the password to all the servers in a list.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |