
ssh-keyadd


All times are UTC - 6 hours


 PostPosted: Mon Oct 09, 2006 11:19 am   

Joined: Mon Oct 09, 2006 9:59 am
Posts: 2
Location: CA
OK this is my first real attempt at a BASH script and I am looking for a little help. Basically, it's a small script that adds my SSH key to remote servers. For the most part it works but I had a couple of bugs I was trying to fix. The "working" version can be downloaded here http://esolves.googlepages.com/ssh-keyadd

The main bug I am trying to fix is if the directory or file on the remote server does not exist, I want the script to create it. Problem is, the user can pass the paths. If the user passes a path with a ~ in it (which is the default), I can't figure out how to tell the BASH script to break down the path and figure out the directory and file without it processing the ~ on the local machine.

So if the user passes a location of ~/home/remote/dir/.ssh/authorized_keys, I need the script to figure out the directory path is ~/home/remote/dir/.ssh/ and the file is authorized_keys. I tried using the dirname command to define the directory and it works except in the case of a ~ like in the example. In that case it processes the path on the local machine and defines it there.

Does anyone have any ideas?

Here is the current code I am working with

Code:
#!/bin/sh
# ssh-keyadd Script V.1
# Author Eric Van Johnson (C)2006
# License:    New BSD License
#
# You may freely distribute this script as long as all comments
# remain in this file.
#
# WARNING - This is my first real bash script I've ever written.
# I am sure if you tried you could figure out a better way of
# doing this :-)
# With that said, hope you do find this script helpful
#
# Usage:
# ssh-keyadd [-h this help] [-l username] [-p port]
#            [-k key file] [-a remote authorized_keys]  remote_server
# Define the usage
usage="Usage: ssh-keyadd [-h this help] [-l username] [-p port] [-k key file] [-a remote authorized_keys]  remote_server..."

# Check for Options and Arguments
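# -h takes no argument, so it has no trailing colon in the option string
while getopts ":l:p:k:a:h" opt; do
   case $opt in
      l  ) user=$OPTARG;;
      p  ) # Port must be one or more digits
         case $OPTARG in
            ''|*[!0-9]*)
               echo "Port needs to be set to a number"
               echo "$usage"
               exit 1;;
            *) port=$OPTARG;;
         esac;;
      k  ) key=$OPTARG;;
      a  ) auth=$OPTARG;;
      h  ) echo "$usage"
          exit 0;;
      :  ) echo "Option -$OPTARG requires an argument"
          echo "$usage"
          exit 1;;
      \? ) echo "$usage"
          exit 1;;
   esac
done

shift $((OPTIND - 1))
# Test the argument count; [ -z "$@" ] breaks when more than one argument is left
if [ $# -eq 0 ]; then
   echo "$usage"
   exit 1
fi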

# Define the variables
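user=${user:-$(whoami)} # If a user name isn't passed I'll assume I can use your current username
port=${port:-22} # Unless I was told differently, I will use default SSH port
key=${key:-"$HOME/.ssh/id_rsa.pub"} # Location of local public key you want to push
# Authorized file location on remote server. A ~ stored in a variable is not
# expanded locally; an unquoted ~ typed on the command line is expanded by the
# local shell before this script runs, so pass it quoted: -a '~/dir/file'
auth=${auth:-"~/.ssh/authorized_keys"}
authdir=$(dirname "$auth") # Authorized directory on remote server
if [ ! -r "$key" ]; then
   echo "Cannot read key file $key"
   exit 1
fi
remote=${1:?"You need to provide a remote server."}
# Letters, digits, dot, underscore and hyphen only, and no leading hyphen
# (ssh would read it as an option). The old class [.-_] was a range from
# "." to "_" and also matched characters such as ; < > and /
case $remote in
   -*|*[!0-9a-zA-Z._-]*)
      echo "Remote server needs to be an IP address or URI"
      echo "$usage"
      exit 1;;
esac

# Update remote server with key. This should be the last time
# you are prompted for a password
echo "Adding the following key -> $key "
echo "To the following remote server -> $remote "
echo "For the following user -> $user "
echo "If this is all correct, please enter password for the remote server"

# Now actually do some work
# The key is sent on stdin instead of being pasted into the remote command,
# so the remote shell never parses its contents. $authdir and $auth stay
# unquoted on the remote side so that the remote shell expands the ~.
# The steps are chained with && (not |) and the file mode is 600.
if ! ssh -l "$user" -p "$port" "$remote" "mkdir -p -m 0700 $authdir && cat >> $auth && chmod 600 $auth" < "$key"; then
   echo "Failed to add the key to $remote"
   exit 1
fi

# If Key updates successfully we should be able to
# SSH to the location. Let's try
echo "------------KEY ADDED--------------"
echo "The key has been added to the remote server, now let's try and connect"
#ssh -l "$user" -p "$port" "$remote"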


 PostPosted: Mon Oct 09, 2006 1:27 pm   

Joined: Mon May 16, 2005 6:29 pm
Posts: 94
Location: Upstate NY
The script looks interesting but can I ask why not use a command that already does all of this?

ssh-copy-id -i ~/.ssh/id_rsa.pub user@remotehost
(the -i is the path/name of the public key)

Just enter the password for the user at the remotehost and the key gets copied to the remote host and added to the list of known/allowed keys.
Takes about 30 seconds or less to add the key to the remote host.


 PostPosted: Mon Oct 09, 2006 2:20 pm   

Joined: Mon Oct 09, 2006 9:59 am
Posts: 2
Location: CA
Well for starters, probably because I hadn't heard of it :)

But furthermore, it looks like it just makes the assumption that you are going to want to write to .ssh/authorized_keys which in general is a good assumption. But I want to have the flexibility to define this if needed.

Besides that the scripts seem to accomplish the same thing. I can change my script to just assume the path and filename and everything will work, I just didn't want to do that. I am going to stick with my script because I want to mature it into something more. Mainly by adding a cycle method. I would like to define an old public key and a new public key, point it to an external file that contains a list of servers and have the script go through and remove the old key and insert the new key on all the servers. This will allow me to change all my SSH keys on a regular basis with little work.

Maybe for now I make the assumption of the remote location and work on the cycle part.


 PostPosted: Mon Oct 09, 2006 2:43 pm   
Site Admin

Joined: Sun May 15, 2005 9:36 pm
Posts: 664
Location: Des Moines, Iowa
I usually do it the way isacklow mentioned myself..... but, I understand doing it for the sake of learning too ;) So.... an idea.....

Well...... you could test your variable for the "~" and then if it's found.....

Code:
[15:38:41 crouse]$ MYVAR="~/home/crouse/.vimrc"
[~]
[15:47:34 crouse]$ echo ${MYVAR##*~}
/home/crouse/.vimrc


Notice the ##*~ in that variable..... ;)
Hope that helps.
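
An added example, not part of any post in this thread: one way to split the remote path with parameter expansion only, so a leading ~ is never expanded locally, and to build the remote command with everything after the ~/ single-quoted so that spaces, quotes or semicolons in the path cannot change the command. The function names sq, remote_path and build_remote_cmd are hypothetical, and the sample paths are constructed.

```shell
#!/bin/sh
# Added example; sq, remote_path and build_remote_cmd are hypothetical names.

# Single-quote a string for a POSIX shell: each ' becomes '\''
sq() {
   printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Quote a remote path but keep a leading ~ or ~/ outside the quotes, so the
# remote shell (not the local one) expands it. ~user forms stay literal.
remote_path() {
   case $1 in
      "~")   printf '~' ;;
      "~/"*) printf '~/%s' "$(sq "${1#??}")" ;;  # ${1#??} drops the "~/"
      *)     sq "$1" ;;
   esac
}

# Print the command to run on the server; the key itself arrives on stdin.
# The body runs in a subshell, so auth and dir do not leak to the caller.
build_remote_cmd() (
   auth=$1
   case $auth in
      */*) dir=${auth%/*} ;;  # text before the last slash, ~ left untouched
      *)   dir=. ;;
   esac
   [ -n "$dir" ] || dir=/
   printf 'mkdir -p -m 0700 %s && cat >> %s && chmod 600 %s' \
      "$(remote_path "$dir")" "$(remote_path "$auth")" "$(remote_path "$auth")"
)

# Constructed sample inputs
for p in '~/.ssh/authorized_keys' "~/my dir/k'eys" '/srv/keys/admin'; do
   build_remote_cmd "$p"; echo
done
# Intended use:
# ssh -l "$user" -p "$port" "$remote" "$(build_remote_cmd "$auth")" < "$key"
```

The caller still has to pass the path quoted (for example -a '~/dir/file'), because an unquoted ~ on the command line is expanded before any script sees it.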


© 2003 - 2011 USA LINUX USERS GROUP