Mastering SSH Public‑Key Login for Efficient Multi‑Server Automation
This guide explains how SSH works, how to set up public‑key authentication, and how to use tools like ssh, scp, and nc for batch operations across multiple servers, enabling password‑less, non‑blocking remote command execution and file aggregation.
Requirement
In daily work we often need to run the same command on many servers, such as comparing logs or checking services, which requires the ability to operate on multiple machines in batch.
Two years ago I wrote an article about using the expect command for automatic SSH login. Although flexible, it is cumbersome and single‑process blocking, making batch operations difficult.
Using SSH public‑key login simplifies batch command execution across many servers.
SSH Protocol
SSH (Secure Shell) is an encrypted network protocol that provides a secure channel over an insecure network. It is similar to HTTPS, using TCP and asymmetric encryption, but relies on host key fingerprints rather than a certificate authority.
When you first connect to a server, SSH asks you to verify the server’s public‑key fingerprint; after verification the fingerprint is stored in ~/.ssh/known_hosts and future connections skip this step.
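The fingerprint check described above, as an added example that is not part of the original article: it parses a known_hosts entry, computes the SHA256 fingerprint in the form OpenSSH prints, and compares it with a fingerprint obtained out of band, which is how host keys can be verified before a batch run instead of accepting the first-connect prompt. The host name, key bytes and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

def make_ed25519_blob(raw_key: bytes) -> bytes:
    """Build the SSH wire encoding: two length-prefixed strings (type, key)."""
    name = b"ssh-ed25519"
    return struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw_key)) + raw_key

def parse_known_hosts_line(line: str):
    """Return (hosts, key_type, blob) from one plain known_hosts entry."""
    fields = line.split()
    if len(fields) < 3 or fields[0].startswith(("#", "@")):
        raise ValueError("not a plain host key entry")
    hosts, key_type, b64 = fields[0], fields[1], fields[2]
    blob = base64.b64decode(b64, validate=True)
    # The blob starts with its own length-prefixed algorithm name; it must
    # agree with the text field, otherwise the entry is malformed or edited.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode("ascii") != key_type:
        raise ValueError("key type does not match key blob")
    return hosts, key_type, blob

def sha256_fingerprint(blob: bytes) -> str:
    """Fingerprint as OpenSSH prints it: SHA256 of the blob, base64, no padding."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")

def host_key_matches(line: str, expected_fp: str) -> bool:
    """Compare an entry with a fingerprint obtained out of band."""
    _, _, blob = parse_known_hosts_line(line)
    return hmac.compare_digest(sha256_fingerprint(blob), expected_fp)

# Constructed sample: key bytes 0..31 are a placeholder, not a real host key.
SAMPLE_BLOB = make_ed25519_blob(bytes(range(32)))
SAMPLE_LINE = "web01.example.com ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode("ascii")
# Same host name, one key byte changed: what a replaced host key looks like.
CHANGED_LINE = "web01.example.com ssh-ed25519 " + base64.b64encode(
    make_ed25519_blob(bytes([1]) + bytes(range(1, 32)))).decode("ascii")

if __name__ == "__main__":
    trusted = sha256_fingerprint(SAMPLE_BLOB)
    print(trusted, host_key_matches(SAMPLE_LINE, trusted), host_key_matches(CHANGED_LINE, trusted))
```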
Typical connection steps include:
TCP three‑way handshake
SSH protocol version negotiation
Client‑server public‑key exchange
Encryption algorithm negotiation
Symmetric key authentication
Secure client‑server communication
Below is a capture of the SSH handshake using tcpdump and Wireshark:
Efficient Ops
This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.