#!/bin/csh -f # authorize_ssh_key # ----------------------------------------------------------------------------- # Shell script to add the default or specified public RSA SSH key to the # authorized_keys file of the specified user@host, so that the user can # login via ssh w/o specifying a password. Offers to create the RSA key # file pair if it doesn't already exist. Offers to create the RSA public # key from the specified RSA private key if it doesn't already exist. # ----------------------------------------------------------------------------- # Usage: See Usage section below or run with -h or --help to see usage. # Assumptions: # Effects: # - Updates the remote authorized_keys file. # Notes: # - Thanks to JP Vossen for pointing out that this is essentially the # same functionality as the existing Linux command ssh-copy-id. # I'm not sure if that already existed when I wrote this on 10/31/2010. # If so, I wasn't aware of it. I haven't ever compared them to see how # similar they are. # Implementation Notes: # Portability Issues: # Revision History: # $Log$ # ----------------------------------------------------------------------------- if ($#argv == 0 || "$1" == "-h" || "$1" == "--help") then echo "Usage:" echo " $0:t [-f rsa_public_key_file] [user@]host" echo "Examples:" echo " $0:t bristle.com " echo " $0:t fred@bristle.com " echo " $0:t -f fred_public_key_file bristle.com " echo " $0:t -f fred_public_key_file fred@bristle.com " exit 1 endif # Get and check options set key = ~/.ssh/id_rsa # No quotes, so ~ will be expanded if ($1:q == "-f") then set key = $2:q shift shift endif # Determine the name of the public key to assume for now if ("${key:e}" == "pub") then set public_key = "${key}" else if (-e "${key}.pub") then set public_key = "${key}.pub" else set public_key = "${key}" endif endif # Create the public key if missing if (-e "${public_key}") then echo "Public key ${public_key} found." else echo "Public key ${public_key} not found." if ("${public_key:e}" == "pub") then set private_key = "${public_key:r}" if (-e "${private_key}") then echo "Private key ${private_key} found." set reply = `promptloop "Create public key from private key (y/n)? " y n` if ($reply == "y") then echo "Creating public key..." ssh-keygen -y -f ${private_key} > ${public_key} set rc = $status if ($rc != 0) then beep "Error creating public key." exit $rc endif else beep "No public key found or created." exit 1 endif else beep "Private key ${private_key} not found." exit 1 endif else set private_key = "${public_key}" set public_key = "${public_key}.pub" set prompt = "Create new key pair ${private_key}, ${public_key} (y/n)? " set reply = `promptloop "${prompt}" y n` if ($reply == "y") then echo "Creating key pair..." ssh-keygen -t rsa -f ${private_key} set rc = $status if ($rc != 0) then beep "Error creating key pair." exit $rc endif else beep "No key pair created." exit 1 endif endif endif # Add the public key to the authorized_keys file echo "" echo "Pushing the public key to $1." echo "You may be prompted for the $1 password a couple times." echo "ssh $1 mkdir -v -p .ssh" ssh $1 mkdir -v -p .ssh echo "ssh $1 touch .ssh/authorized_keys" ssh $1 touch .ssh/authorized_keys echo "cat ${public_key} | ssh $1 'cat >> .ssh/authorized_keys'" cat ${public_key} | ssh $1 'cat >> .ssh/authorized_keys' echo "ssh $1 chmod g-w,o-w .ssh" ssh $1 chmod g-w,o-w .ssh echo "ssh $1 chmod g-w,o-w .ssh/authorized_keys" ssh $1 chmod g-w,o-w .ssh/authorized_keys echo "Done pushing the public key to $1." echo "" echo "You should be able to ssh to $1 with no password from now on." echo "If your private key is not in the default location (~/.ssh/id_rsa)," echo "you'll have to specify the -i option to tell ssh where to find it."