[dundee] Pushing SSH Certs
Rick Moynihan
rick.moynihan at gmail.com
Fri Nov 27 15:02:09 UTC 2009
2009/11/27 Gavin Carr <gavin at openfusion.com.au>:
[snip]
> It assumes the ~/.ssh directory exists, which isn't necessarily the case.
> It's not in /etc/skel on Ubuntu/RHEL/Fedora, at least, afaik.
>
> So the ssh line should probably be (untested):
>
> ssh $_host 'mkdir -pm0700 ~/.ssh && cat >> ~/.ssh/authorized_keys' < ~/.ssh/id_rsa.pub
Good catch... was bitten by that problem shortly after posting it.
I've updated the code below, and also tweaked it to ensure that you
don't store duplicate keys... I can confirm that the mkdir stuff
works too.
# push SSH public key to another box
# This is awesome!
push_ssh_cert() {
local _host
test -f ~/.ssh/id_rsa.pub || ssh-keygen -t rsa
for _host in "$@";
do
echo $_host
ssh $_host 'mkdir -pm0700 ~/.ssh && cat >>
~/.ssh/authorized_keys && uniq ~/.ssh/authorized_keys | cat - >
~/.ssh/authorized_keys' < ~/.ssh/id_rsa.pub
done
}
I've not looked through or tried Kris's ssh-copy-id but it doesn't
seem to offer anything this shorter equivalent doesn't... Am I missing
anything (other than it's script not a procedure)?
R.
More information about the dundee
mailing list