I made a tool that makes it a little easier to create and install a public key.

at first

Creating and installing a Unix-like SSH public key authentication key is simple, and it's almost the same, but it's a hassle.

I wanted to automate this as much as possible.

I think that what you generally do is like this.

# (1)Key creation
ssh-keygen -N "" -t rsa -f ~/.ssh/id_rsa

# (2-a)Transfer the key to the server
ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

# (2-b)Or manually authorized the server_Add to keys
cat ~/.ssh/id_rsa.pub| ssh [email protected] "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys && chmod 700 ~/.ssh/ && chmod 755 ~/"

# (3)Add private key information if necessary
vi ~/.ssh/config

I don't use it every day If there are a lot of target servers, it will be troublesome, I think it can be automated. I thought that was the trigger.

Feature

It has been confirmed to work on Mac OS X and CentOS 7. I think that ssh can be used on Unix / Linux, and it can be used if Python 2.7 works.

You can do the necessary commands of (1), (2) and (3) with one command. If you need (2), you only need to pass the server password once.

Rest assured that the commands executed behind the scenes are displayed in green (?)

kobito.1449918056.679926.png

I think that it is convenient when you try to set public key authentication for the time being from the fresh state when you borrowed VPS etc.

How to use

Introduction

Environment where python2.7.x can be executed The program itself is made into one source so that it can be handled easily.

Click here for repository https://github.com/yuki2006/pubkey

If only the main body is enough

wget https://raw.githubusercontent.com/yuki2006/pubkey/master/pubkey.py

Disclaimer

Because it handles private keys Please use only those who can understand the operating principle.

The developer does not guarantee that any problems will occur with this tool.

help

python pubkey.py
#Or with execute permission
./pubkey.py 
./pubkey.py -h
usage: pubkey.py [-h] [-l] [-p PrivateKeyPath] [-k] [-c] [-a ALIAS]
                 [-N PassPhrase]
                 server
positional arguments:
  server                user@server

optional arguments:
  -h, --help            show this help message and exit
  -l, --With the LocalOnly option, the operation on the server
I will not work.
  -p PrivateKeyPath, --private PrivateKeyPath
private key path[default
                        /Users/yuki2006/.ssh/id_rsa]
  -k, --generate a key with keygen keygen
  -c, --config          .ssh/Write Host information to config
  -a ALIAS, --alias ALIAS
                        -Valid only with the c option,
Of the config file
Set the Host field to this
  -N PassPhrase Specifies the passphrase. Empty string is also possible
Noh.(-Valid when k option

Add the key on the remote

Minimal options

./pubkey.py [email protected]

Execute (2) with ~ / .ssh / id_rsa.pub as the public key. Add the public key to ~ / .ssh / authorized_keys on [email protected]. At this time, if the ssh-copy-id command can be used locally, use (2-a), and if it cannot be used, execute (2-b).

Please enter the server password.

It also generates a private key and a public key (-k)

./pubkey.py -k [email protected]

Execute (1) before executing (2). At this time, (1) is simply called, so enter the passphrase according to the display.

Specify passphrase (-N)

./pubkey.py -N "" -k [email protected]

This is for those who have trouble typing a passphrase when calling (1). I have the -N option when calling ssh-keygen.

Specify the private key file. (-p /-private)

./pubkey.py -p ~/.ssh/key -N "" -k [email protected]
./pubkey.py --private ~/.ssh/key -N "" -k [email protected]

If you want to use something other than the default private key. Specify the private key path after -p. The public key used is one with .pub added, such as ~ / .ssh / key.pub.

Write the settings in ~ / .ssh / config (-c)

./pubkey.py -c -p ~/.ssh/key -N "" -k [email protected]

With the -c option, the following text will be added to ~ / .ssh / config. It is the automation of the process of (3).

Host sample.com
       User hoge
       IdentityFile ~/.ssh/key

Specify an alias. (-a)

./pubkey.py -a sample -c -p ~/.ssh/key -N "" -k [email protected]

Simply put, it will be added as below.

Host sample
		hostname sample.com
		User hoge
		IdentityFile ~/.ssh/key

If you set this, you can connect just by hitting like this. (Omitted username and hostname)

ssh sample

Do not put the public key on the remote (-l /-LocalOnly)

./pubkey.py -l -a sample -c -p ~/.ssh/key -N "" -k [email protected]

(2) is not executed. Specify when you want to create a keygen or config file but do not need to put the public key on the remote. Mainly for debugging.

Afterword

In fact, I confirmed that it was possible to improve efficiency by using it for many units and having people use it.

There may be some doubts about how to write Python. It is 2.7 or higher because it uses argparse, Any main processing should work, so I would like to consider that 2.6 etc. will work if requested.

If you have any problems or pull requests, please post them on github. On the contrary, please let me know if there is a useful tool without using this.

Recommended Posts

I made a tool that makes it a little easier to create and install a public key.
I made a tool that makes decompression a little easier with CLI (Python3)
I made a tool that makes it convenient to set parameters for machine learning models.
I made a tool to notify Slack of Connpass events and made it Terraform
I made a tool to create a word cloud from wikipedia
I made a toolsver that spits out OS, Python, modules and tool versions to Markdown
[Python] I wrote a test of "Streamlit" that makes it easy to create visualization applications.
I want to create a pipfile and reflect it in docker
I made a POST script to create an issue on Github and register it in the Project
I made a tool to compile Hy natively
I made a tool to get new articles
I made a system that automatically decides whether to run tomorrow with Python and adds it to Google Calendar.
A module that makes it easier to write Perl-like filter programs in Python fileinput
I made a Docker Image that reads RSS and automatically tweets regularly and released it.
I made a web application that maps IT event information with Vue and Flask
I made a tool in Python that right-clicks an Excel file and divides it into files for each sheet.
I tried using a library (common thread) that makes Python's threading package easier to use
When I tried to install PIL and matplotlib in a virtualenv environment, I was addicted to it.
A story that makes it easy to estimate the living area using Elasticsearch and Python
A script that makes it easy to create rich menus with the LINE Messaging API
Steps to create a Job that pulls a Docker image and tests it with Github Actions
I made a server with Python socket and ssl and tried to access it from a browser
A story that makes it easier to see Model debugging in the Django + SQLAlchemy environment
I made a tool to automatically generate a simple ER diagram from the CREATE TABLE statement
A story that made it possible to automatically create anison playlists from your music files
I made a tool to automatically generate a state transition diagram that can be used for both web development and application development
[Titan Craft] I made a tool to summon a giant to Minecraft
I wrote a class that makes it easier to divide by specifying part of speech when using Mecab in python
I tried to make a site that makes it easy to see the update information of Azure
I want to create a histogram and overlay the normal distribution curve on it. matplotlib edition
I tried to create a server environment that runs on Windows 10
[Python3] I made a decorator that declares undefined functions and methods.
Qiskit: I want to create a circuit that creates arbitrary states! !!
I want to create a system to prevent forgetting to tighten the key 1
I tried to create Bulls and Cows with a shell program
I made a library that adds docstring to a Python stub file.
I made a chatbot with Tensor2Tensor and this time it worked
[Python] I made a decorator that doesn't seem to have any use.
I made a tool to automatically browse multiple sites with Selenium (Python)
I made a web application in Python that converts Markdown to HTML
I made a Discord bot in Python that translates when it reacts
I made a CLI tool to convert images in each directory to PDF
I made a network to convert black and white images to color images (pix2pix)
I made a program to input what I ate and display calories and sugar
I made a library konoha that switches the tokenizer to a nice feeling
I made a tool to convert Jupyter py to ipynb with VS Code
I tried to create a sample to access Salesforce using Python and Bottle
When I try to go back using chainer, it fits a little
I tried to create a linebot (implementation)
I tried to create a linebot (preparation)
I made a script to display emoji
[Python] I made a script that automatically cuts and pastes files on a local PC to an external SSD.
I made a browser automatic stamping tool.
I made a tool to estimate the execution time of cron (+ PyPI debut)
I tried to publish my own module so that I can pip install it
I tried to create a class that can easily serialize Json in Python
I made a Line Bot that uses Python to retrieve unread Gmail emails!
I want to create a priority queue that can be updated in Python (2.7)
A spell that eliminates non-Japanese characters and symbols to create a Japanese plaintext corpus
I made a tool to easily display data as a graph by GUI operation.
When I tried to create a virtual environment with Python, it didn't work