我想我没有看到任何人提出这个建议，而操作人员只是说“脚本”，所以……

我需要解决同样的问题，而我最舒服的语言是Python。

我用了paramiko图书馆。此外，我还需要使用sudo发布需要升级权限的命令。事实证明，sudo可以通过“-S”标志通过stdin接受其密码!见下文:

import paramiko

ssh_client = paramiko.SSHClient()

# To avoid an "unknown hosts" error. Solve this differently if you must...
ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())

# This mechanism uses a private key.
pkey = paramiko.RSAKey.from_private_key_file(PKEY_PATH)

# This mechanism uses a password.
# Get it from cli args or a file or hard code it, whatever works best for you
password = "password"

ssh_client.connect(hostname="my.host.name.com",
                       username="username",
                       # Uncomment one of the following...
                       # password=password
                       # pkey=pkey
                       )

# do something restricted
# If you don't need escalated permissions, omit everything before "mkdir"
command = "echo {} | sudo -S mkdir /var/log/test_dir 2>/dev/null".format(password)

# In order to inspect the exit code
# you need go under paramiko's hood a bit
# rather than just using "ssh_client.exec_command()"
chan = ssh_client.get_transport().open_session()
chan.exec_command(command)

exit_status = chan.recv_exit_status()

if exit_status != 0:
    stderr = chan.recv_stderr(5000)

# Note that sudo's "-S" flag will send the password prompt to stderr
# so you will see that string here too, as well as the actual error.
# It was because of this behavior that we needed access to the exit code
# to assert success.

    logger.error("Uh oh")
    logger.error(stderr)
else:
    logger.info("Successful!")

希望这能帮助到一些人。我的用例是在大约300台服务器上创建目录、发送和解压文件以及启动程序。因此，自动化至关重要。我试过sshpass, expect，然后想到了这个。

使用公钥认证:https://help.ubuntu.com/community/SSH/OpenSSH/Keys

在源主机中只运行一次:

ssh-keygen -t rsa # ENTER to every field
ssh-copy-id myname@somehost

这就是全部，之后你就可以不用密码使用ssh了。

不同的我

sshpass -p PASSWORD ssh USER@SERVER

后缀II

#!/usr/bin/expect -f
spawn ssh USERNAME@SERVER "touch /home/user/ssh_example"
expect "assword:"
send "PASSWORD\r"
interact

安全性更高的Sshpass

我在寻找ssh进入瘫痪服务器的方法时偶然发现了这个线程——处理ssh连接尝试花了一分钟多，在我输入密码之前超时了。在本例中，我希望能够在提示可用时立即提供我的密码。

(如果还不清楚的话:服务器处于这种状态，再设置公钥登录就太迟了。)

Sshpass来救援。但是，有比sshpass -p更好的方法。

我的实现直接跳到交互式密码提示(不会浪费时间查看是否可以进行公钥交换)，并且从不以纯文本的形式显示密码。

#!/bin/sh
# preempt-ssh.sh
# usage: same arguments that you'd pass to ssh normally
echo "You're going to run (with our additions) ssh $@"

# Read password interactively and save it to the environment
read -s -p "Password to use: " SSHPASS 
export SSHPASS

# have sshpass load the password from the environment, and skip public key auth
# all other args come directly from the input
sshpass -e ssh -o PreferredAuthentications=keyboard-interactive -o PubkeyAuthentication=no "$@"

# clear the exported variable containing the password
unset SSHPASS

通过shell脚本连接远程机器，使用以下命令:

sshpass -p PASSWORD ssh -o StrictHostKeyChecking=no USERNAME@IPADDRESS

其中IPADDRESS, USERNAME和PASSWORD是需要在脚本中提供的输入值，或者如果我们想在运行时提供，使用“read”命令。

我得到了这个工作如下

.ssh/config被修改以消除是/否提示-我在防火墙后面，所以我不担心欺骗ssh密钥

host *
     StrictHostKeyChecking no

为expect创建一个响应文件，即answer.expect

set timeout 20
set node [lindex $argv 0]
spawn ssh root@node service hadoop-hdfs-datanode restart

expect  "*?assword {
      send "password\r"   <- your password here.

interact

创建bash脚本并在文件中调用expect

#!/bin/bash
i=1
while [$i -lt 129]    # a few nodes here
  
  expect answer.expect hadoopslave$i

  i=[$i + 1]
  sleep 5

done

获取128个用新配置刷新的hadoop datanode -假设您正在为hadoop/conf文件使用NFS挂载

希望这能帮助到一些人——我是一个Windows傻瓜，这花了我大约5个小时才弄明白!