A quickie this week. When I’m wearing my Ops Hat (I totally need to make me an “Ops Hat”, something with lights and a grappling hook), I often find myself setting up servers for other people. That requires getting them SSH access to the server and that requires getting their SSH public keys.

There are lots of excellent solutions out there for managing public keys within an organization, but these servers are one-offs, so that infrastructure isn’t going to get built.

The good news is that 9 out 10 times the people in question have GitHub accounts, and if someone has a GitHub account, they likely have a public SSH public key.

To get a GitHub user’s key, you just go to https://github.com/<username>.keys, mine are here https://github.com/spikex.keys.

If you get a blank page, then they don’t have one. Back to the old email drawing board.

It’s no secret I’m lazy, so naturally I have this automated with a BASH function:

1
2
3
4
5
6
7
8
function get_public_keys () {
mkdir -m 700 -p ~/.ssh
  for user in "$@"
  do
    curl -s https://github.com/"$user".keys >> ~/.ssh/authorized_keys
  done
  chmod 600 ~/.ssh/authorized_keys
}

You use it like:

1
get_public_keys spikex imadethisoneup

Breaking it down:

mkdir -m 700 -p ~/.ssh creates the .ssh directory if it doesn’t exist and sets permissions that will make sshd happy. If it does exist, the command is a NOOP.

for user in "$@" loops through the arguments to the function, which is what allows you to specify multiple usernames.

curl -s https://github.com/"$user".keys >> ~/.ssh/authorized_keys download the key(s) and append it to the ~/.ssh/authorized_keys.

chown 600 ~/.ssh/authorized_keys again set permissions to make sshd happy, if we happened to create authorized_keys.

Boom! Done!

Comments