Creating and installing a Unix-like SSH public key authentication key is simple, and it's almost the same, but it's a hassle.
I wanted to automate this as much as possible.
I think that what you generally do is like this.
# (1)Key creation ssh-keygen -N "" -t rsa -f ~/.ssh/id_rsa # (2-a)Transfer the key to the server ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected] # (2-b)Or manually authorized the server_Add to keys cat ~/.ssh/id_rsa.pub| ssh [email protected] "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys && chmod 700 ~/.ssh/ && chmod 755 ~/" # (3)Add private key information if necessary vi ~/.ssh/config
I don't use it every day If there are a lot of target servers, it will be troublesome, I think it can be automated. I thought that was the trigger.
It has been confirmed to work on Mac OS X and CentOS 7. I think that ssh can be used on Unix / Linux, and it can be used if Python 2.7 works.
You can do the necessary commands of (1), (2) and (3) with one command. If you need (2), you only need to pass the server password once.
Rest assured that the commands executed behind the scenes are displayed in green (?)
I think that it is convenient when you try to set public key authentication for the time being from the fresh state when you borrowed VPS etc.
Environment where python2.7.x can be executed The program itself is made into one source so that it can be handled easily.
Click here for repository https://github.com/yuki2006/pubkey
If only the main body is enough
Because it handles private keys Please use only those who can understand the operating principle.
The developer does not guarantee that any problems will occur with this tool.
python pubkey.py #Or with execute permission ./pubkey.py
./pubkey.py -h usage: pubkey.py [-h] [-l] [-p PrivateKeyPath] [-k] [-c] [-a ALIAS] [-N PassPhrase] server positional arguments: server user@server optional arguments: -h, --help show this help message and exit -l, --With the LocalOnly option, the operation on the server I will not work. -p PrivateKeyPath, --private PrivateKeyPath private key path[default /Users/yuki2006/.ssh/id_rsa] -k, --generate a key with keygen keygen -c, --config .ssh/Write Host information to config -a ALIAS, --alias ALIAS -Valid only with the c option, Of the config file Set the Host field to this -N PassPhrase Specifies the passphrase. Empty string is also possible Noh.(-Valid when k option
./pubkey.py [email protected]
Execute (2) with ~ / .ssh / id_rsa.pub as the public key.
Add the public key to ~ / .ssh / authorized_keys on [email protected].
At this time, if the
ssh-copy-id command can be used locally, use (2-a), and if it cannot be used, execute (2-b).
Please enter the server password.
./pubkey.py -k [email protected]
Execute (1) before executing (2). At this time, (1) is simply called, so enter the passphrase according to the display.
./pubkey.py -N "" -k [email protected]
This is for those who have trouble typing a passphrase when calling (1). I have the -N option when calling ssh-keygen.
./pubkey.py -p ~/.ssh/key -N "" -k [email protected] ./pubkey.py --private ~/.ssh/key -N "" -k [email protected]
If you want to use something other than the default private key. Specify the private key path after -p. The public key used is one with .pub added, such as ~ / .ssh / key.pub.
./pubkey.py -c -p ~/.ssh/key -N "" -k [email protected]
With the -c option, the following text will be added to ~ / .ssh / config. It is the automation of the process of (3).
Host sample.com User hoge IdentityFile ~/.ssh/key
./pubkey.py -a sample -c -p ~/.ssh/key -N "" -k [email protected]
Simply put, it will be added as below.
Host sample hostname sample.com User hoge IdentityFile ~/.ssh/key
If you set this, you can connect just by hitting like this. (Omitted username and hostname)
./pubkey.py -l -a sample -c -p ~/.ssh/key -N "" -k [email protected]
(2) is not executed. Specify when you want to create a keygen or config file but do not need to put the public key on the remote. Mainly for debugging.
In fact, I confirmed that it was possible to improve efficiency by using it for many units and having people use it.
There may be some doubts about how to write Python. It is 2.7 or higher because it uses argparse, Any main processing should work, so I would like to consider that 2.6 etc. will work if requested.
If you have any problems or pull requests, please post them on github. On the contrary, please let me know if there is a useful tool without using this.