I often create new accounts or virtual machines, and then have to load my SSH public key/signature into the authorized keys on that account. That process can be tedious, so I created this script that pushes my authorization on the remote machine. So, typically when you ssh to a remote machine you have to enter your password, etc. To automate jobs, though, you often don't want to do that, and key-based authentication allows you to authenticate without the password.
There are other ways to push keys around, but this makes it simple to fix things after the fact, or to initialize new accounts, etc.
I am looking for a review of any and all aspects, including the way that SSH is set up, and so on.
Here's an example transcript of what the script outputs:
```
panabox:~/bin> loadkey sol@solarium
Installing Key...
sol@solarium's password:
Checking Key ...
Great!
panabox:~/bin> loadkey sol@solarium
Already Works!
panabox:~/bin>
```
And here is the script:
```bash
#!/bin/bash
if [ "$#" -ne 1 ]
then
    echo "Must supply user@hostname: loadkey <user@hostname>"
    exit 1
fi
host=$1
ssh -2 -o BatchMode=yes $host "echo hi" >& /dev/null && echo Already Works! && exit 0
echo Installing Key...
install="mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat - >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"
cat ~/.ssh/id_rsa.pub | ssh -2 $host $install
echo Checking Key ...
ssh -2 -o BatchMode=yes $host "echo hi" >& /dev/null && echo Great! && exit 0
echo Failed to install key.
exit 2
```
1 Answer
In modern systems, there's `ssh-copy-id` for this. But yeah it's not everywhere. In systems that don't have it, I have a similar script like yours, but to mimic the "standard", I call it `ssh-copy-id.sh`. Name it as you like, but I don't think "loadkey" really sums up the action of appending your public key to the authorized list file on a remote server. So I'd pick something better.
Cats are sure cute creatures, but you don't need one here:
```bash
cat ~/.ssh/id_rsa.pub | ssh -2 $host $install
```
You can use input redirection:
```bash
ssh -2 $host $install < ~/.ssh/id_rsa.pub
```
Lastly, the `ssh ... echo hi` stuff is repeated twice. It would be better to put it in a function. You can chain the different final echo + exit commands after the function with `&&` normally.
- That pointer to the existing program is great. It probably did not exist when I first started using my script (originally written in tcsh - from AIX - recently ported to bash), well, that's my excuse, and I will stick with it. Great catch – rolfl, Jun 13, 2015 at 0:20
- `ssh-copy-id` is distributed as a "contrib" script with Portable OpenSSH. It is not part of the "official" OpenBSD version of OpenSSH. – 200_success, Jun 13, 2015 at 4:00
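The answer's three suggestions (input redirection, one function for the repeated `ssh ... echo hi` check, and `&&` chains for the final echo and exit) applied to the question's script, as an added example that is not part of the original question, answer or comments. It goes a little further than the answer: the function names, the optional key-file argument, the `--` separator, the duplicate-entry and private-key checks, and the assumption of a POSIX-style login shell on the remote account are all additions made here.

```shell
#!/bin/bash
# Added example, not the asker's or answerer's code. Assumptions: the function
# names, the optional key-file argument, and a POSIX-style shell on the remote.

# True when key login already works; BatchMode=yes forbids password prompts.
# "--" keeps a host argument that starts with "-" from being read as an option.
key_works() {
    ssh -2 -o BatchMode=yes -- "$1" "echo hi" >/dev/null 2>&1
}

# Runs remotely: read the key on stdin and append it only if that exact line
# is missing, so repeated installs do not pile up duplicate entries.
remote_install='umask 077; mkdir -p ~/.ssh && chmod 700 ~/.ssh &&
touch ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys &&
key=$(cat) && { grep -qxF -- "$key" ~/.ssh/authorized_keys ||
printf "%s\n" "$key" >> ~/.ssh/authorized_keys; }'

install_key() {   # $1 = user@hostname, $2 = public key file
    ssh -2 -- "$1" "$remote_install" < "$2"   # redirection instead of cat |
}

load_key() {
    if [ "$#" -lt 1 ] || [ "$#" -gt 2 ]; then
        echo "Must supply user@hostname: loadkey <user@hostname> [pubkey]" >&2
        return 1
    fi
    host=$1
    pubkey=${2:-$HOME/.ssh/id_rsa.pub}
    # Never ship a private key by mistake (e.g. id_rsa instead of id_rsa.pub).
    if [ ! -r "$pubkey" ] || grep -q 'PRIVATE KEY' "$pubkey"; then
        echo "Not a readable public key file: $pubkey" >&2
        return 1
    fi
    key_works "$host" && echo "Already Works!" && return 0
    echo "Installing Key..."
    install_key "$host" "$pubkey" || return 2
    echo "Checking Key ..."
    key_works "$host" && echo "Great!" && return 0
    echo "Failed to install key." >&2
    return 2
}

# Run only when given arguments, so the file can also be sourced for reuse.
if [ "$#" -gt 0 ]; then
    load_key "$@"
    exit $?
fi
```

Because the remote command skips a key line that is already present, running it against an account where password login is still the only check that fails does not grow `authorized_keys`.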