Bash、密钥和rSync

Question

我这里有一个脚本，我已经做了，我正在尝试转换为使用键，但我有一些问题。当没有为密钥指定密码短语时，脚本工作得很好，但是我希望每个服务器上的每个密钥都有不同的密码短语。但是，我在使用expect命令完成此操作时遇到了一点问题。我已经复制了下面的原始脚本。我们非常感谢您的任何建议。

#!/bin/bash

SERVERS="REMOTESERVER1 REMOTESERVER2"
KEYS="SECRET_KEY1 SECRET_KEY2"
MAILTO="EMAIL_TO"
HOSTNAME="$(hostname)"
MSG=""
ERROR=0
DIRERR=0

MSG="${MSG}\n$(date) Starting Backup Engine"
for server in $SERVERS; do

    MSG="${MSG}\n$(date) Starting backup on $server"

    #Check for backup directory for listed servers. Create if does not exists.
    MSG="${MSG}\n$(date) Checking backup folder structure"
    if [ ! -d "/backup/${server}" ]; then
        MSG="${MSG}\n$(date) /backup/${server} does not exist... creating"
        mkdir -p /backup/$server
        DIRMKD="${DIRMKD}\n$(date) /backup/${server}"
        DIRERR=1
    fi

    #Check for accounts directory in the server backup folder.
    if [ ! -d "/backup/${server}/accounts" ]; then
        MSG="${MSG}\n$(date) /backup/${server}/accounts does not exist... creating"
        mkdir -p /backup/$server
        DIRMKD="${DIRMKD}\n$(date) /backup/${server}/accounts"
        DIRERR=1
    fi

    #Check for dnszones folder in the server backup folder.
    if [ ! -d "/backup/${server}/dnszones" ]; then
        MSG="${MSG}\n$(date) /backup/${server}/dnszones does not exist... creating"
        mkdir -p /backup/$server/dnszones
        DIRMKD="${DIRMKD}\n$(date) /backup/${server}/dnszones"
        DIRERR=1
    fi

    #Check for syslogs folder in the server backup folder.
    if [ ! -d "/backup/${server}/syslogs" ]; then
        MSG="${MSG}\n$(date) /backup/${server}/syslogs does not exist... creating"
        mkdir -p /backup/$server/syslogs
        DIRMKD="${DIRMKD}\n$(date) /backup/${server}/syslogs"
        DIRERR=1
    fi

    #Check for syslogs/apache folder in the server backup folder.
    if [ ! -d "/backup/${server}/syslogs/apache" ]; then
        MSG="${MSG}\n$(date) /backup/${server}/syslogs/apache does not exist... creating"
        mkdir -p /backup/$server/syslogs/apache
        DIRMKD="${DIRMKD}\n$(date) /backup/${server}/syslogs/apache"
        DIRERR=1
    fi

    #Check for syslogs/apache/domlogs folder in the server backup folder.
    if [ ! -d "/backup/${server}/syslogs/cpanel" ]; then
        MSG="${MSG}\n$(date) /backup/${server}/syslogs/cpanel does not exist... creating"
        mkdir -p /backup/$server/syslogs/cpanel
        DIRMKD="${DIRMKD}\n$(date) /backup/${server}/syslogs/cpanel"
        DIRERR=1
    fi

    #Check for syslogs/apache/domlogs folder in the server backup folder.
    if [ ! -d "/backup/${server}/syslogs/apache/domlogs" ]; then
        MSG="${MSG}\n$(date) /backup/${server}/syslogs/apache/domlogs does not exist... creating"
        mkdir -p /backup/$server/syslogs/apache/domlogs
        DIRMKD="${DIRMKD}\n$(date) /backup/${server}/syslogs/apache/domlogs"
        DIRERR=1
    fi

    if [ $DIRERR -eq 0 ]; then
        MSG="${MSG}\n$(date) Backup folder check complete"
    else
        MSG="${MSG}\n$(date) Created new directories:${DIRMKD}"
    fi

    MSG="${MSG}\n$(date) Backing up DNS Records"
    rdiff-backup --force --tempdir=/home/tmp --remote-schema "ssh -C -p22 %s rdiff-backup --server" root@$server::/var/named/* /backup/$server/dnszones/
    if [ $? -ne 0 ]; then
        MSG="${MSG}\n$(date) Could not complete DNS Zone backups for ${server}"
        ERROR=1
        continue
    else
        MSG="${MSG}\n$(date) DNS Zones have been backed up"
    fi

    MSG="${MSG}\n$(date) Backing up server logs"
    #Backup /var/logs/*
    rdiff-backup --force --tempdir=/home/tmp --remote-schema "ssh -C -p22 %s rdiff-backup --server" root@$server::/var/log/* /backup/$server/syslogs/
    if [ $? -ne 0 ]; then
        MSG="${MSG}\n$(date) Could not complete server log backups for ${server}"
        ERROR=1
        continue
    else
        MSG="${MSG}\n$(date) Server logs have been backed up"
    fi

    MSG="${MSG}\n$(date) Backing up Apache logs"
    #Backup /usr/local/apache/logs/*
    rdiff-backup --force --tempdir=/home/tmp --remote-schema "ssh -C -p22 %s rdiff-backup --server" root@$server::/usr/local/apache/logs/* /backup/$server/syslogs/apache
    if [ $? -ne 0 ]; then
        MSG="${MSG}\n$(date) Could not complete Apache log backups for ${server}"
        ERROR=1
        continue
    else
        MSG="${MSG}\n$(date) Apaceh logs have been backed up"
    fi

    MSG="${MSG}\n$(date) Backing up Apache Domlogs"
    #Backup /usr/local/apache/domlogs/*
    rdiff-backup --force --tempdir=/home/tmp --remote-schema "ssh -C -p22 %s rdiff-backup --server" root@$server::/usr/local/apache/domlogs/* /backup/$server/syslogs/apache/domlogs
    if [ $? -ne 0 ]; then
        MSG="${MSG}\n$(date) Could not complete Apache Domlog backups for ${server}"
        ERROR=1
        continue
    else
        MSG="${MSG}\n$(date) Apache Domlogs have been backed up"
    fi

    MSG="${MSG}\n$(date) Backing up cPanel logs"
    #Backup /usr/local/cpanel/logs/*
    rdiff-backup --force --tempdir=/home/tmp --remote-schema "ssh -C -p22 %s rdiff-backup --server" root@$server::/usr/local/cpanel/logs/* /backup/$server/syslogs/cpanel
    if [ $? -ne 0 ]; then
        MSG="${MSG}\n$(date) Could not complete cPanel log backups for ${server}"
        ERROR=1
        continue
    else
        MSG="${MSG}\n$(date) CPanel logs have been backed up"
    fi

    MSG="${MSG}\n$(date) Backing up accounts"
    #Backup /backup/cpbackup/daily/*
    rdiff-backup --tempdir=/home/tmp --remote-schema "ssh -C -p22 %s rdiff-backup --server" root@$server::/backup/cpbackup/daily/* /backup/$server/accounts
    if [ $? -ne 0 ]; then
        MSG="${MSG}\n$(date) Could not complete account backups for ${server}"
        ERROR=1
        continue
    else
        MSG="${MSG}\n$(date) Accounts have been backed up"
    fi

    MSG="${MSG}\n$(date) Backup for ${server} completed"

    #Delete anything older than one week from accounts while retaining server logs and DNS Zones.
    MSG="${MSG}\n$(date) Removing old files from account backups"
    rdiff-backup --force --remove-older-than 7D /backup/$server/accounts/*
    if [ $? -ne 0 ]; then
        MSG="${MSG}\n$(date) Could not remove old account backups"
        ERROR=1
    fi

done

MSG="${MSG}\n$(date) Backups complete"


if [ $ERROR -eq 0 ]; then
    echo -e "From: root@${HOSTNAME}\nTo: ${MAILTO}\nSubject: Backups completed on ${HOSTNAME}\nDifferential backups completed successfully on ${HOSTNAME} at $(date)\n\n ${MSG}\n\n Available backups:\n$(for server in $SERVERS; do echo -e "\n\n$server:"; rdiff-backup -l /backup/$server/ ; done )" | /usr/sbin/sendmail ${MAILTO}
else
    echo -e "From: root@${HOSTNAME}\nTo: ${MAILTO}\nSubject: Failed backup on ${HOSTNAME}\n${MSG}" | /usr/sbin/sendmail ${MAILTO}
fi

Answer 1

tl;dr

您希望使用ssh-agent，并对所需的每个密钥执行ssh-add操作。如果你只是想在某个脚本中硬编码一个密匙，那就不要给它添加密码，这完全违背了你的目的。