-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
JD Runyan wrote:
> Thanks Tracy, I have been working on making a key installer that I can
> use to deploy keys on multiple servers after creating new users. Your
> code here has given me a much better way to move the keys around. I was
> treating it as file, and neglected to even think about treating the key
> as data. You have saved me some time and headaches. I will share my
> script when it is finished.
Glad you found it useful. Below is the latest version. My previous
version would not work if the ~/.ssh directory did not already exist so
I have added a check for that. Also I chmod g-w the relevent dirs
because ssh is sometimes picky about that if StrictMode or whatever it
is called is turned on.
#!/bin/sh
# Public key auto-installer script by Tracy Reed <[EMAIL PROTECTED]>
#
# Be sure to fill in your own pubkey unless you want to give me access :)
#
PUBKEY="ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEAzs0h49jraOI7W33S1DfXvi9myx0VNxrGIFfY8H15Ry5BNxHhfFCxCBytemBMzpNVWvC9LiDOq767YC8fxEFtscpacvAGtl3aGhBZh789Ji+FYgDcG/O+rsdq5YnZMWIAJz4ne/IwSEFLuQJ+lklxAZEelBaGpuqyp3uV2Tii1B0=
[EMAIL PROTECTED]"
SSH="/usr/bin/ssh"
# Save our destination to ssh to
DESTINATION=$1
# Shift destination off array leaving us only with the commands to run
remotely
shift 1
# Do we want just a shell or do we want to run some commands remotely?
if [ $1 ]; then
COMMAND="$SHELL -c '$@'"
else
COMMAND="$SHELL"
fi
$SSH -tt $DESTINATION "if [ ! -d ~/.ssh ]; then mkdir ~/.ssh; fi; if [ !
- -e ~/.ssh/authorized_keys ]; then touch ~/.ssh/authorized_keys; fi;
chmod g-w ~/ ~/.ssh ~/.ssh/authorized_keys; PUBKEY='"$PUBKEY"'; grep
'"$PUBKEY"' ~/.ssh/authorized_keys >/dev/null 2>&1 || (echo '"$PUBKEY"'
>> ~/.ssh/authorized_keys && echo "Installed public key"); $COMMAND"
- --
Tracy R Reed
http://ultraviolet.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCzf+A9PIYKZYVAq0RAvVEAJ0dYaBg/YTPSga6BclqNZKWYWNFfwCeMs4R
hAw443SoRJyfPJ/QyrGLeBk=
=7pZn
-----END PGP SIGNATURE-----
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
