Skip to main content

Authorize SSH public keys from trusted online identities

Project description

ssh-import-id
===========

You're logged onto a cloud instance working on a problem with your fellow devs, and you want to invite them to log in and take a look at these crazy log messages. What do?

Oh. You have to ask them to cat their public SSH key, paste it into IRC (wait, no, it's id\_rsa.pub, not id\_rsa silly!) then you copy it and cat it to the end of authorized\_hosts.

That's where ssh-import-id comes in. With ssh-import-id, you can add the public SSH keys from a known, trusted online identity to grant SSH access.

Currently supported identities include Github and Launchpad.

Usage
-----

ssh-import-id uses short prefix to indicate the location of the online identity. For now, these are:

'gh:' for Github
'lp:' for Launchpad

Command line help:

usage: ssh-import-id [-h] [-o FILE] USERID [USERID ...]

Authorize SSH public keys from trusted online identities.

positional arguments:
USERID User IDs to import

optional arguments:
-h, --help show this help message and exit
-o FILE, --output FILE
Write output to file (default ~/.ssh/authorized_keys)

Example
-------

If you wanted me to be able to ssh into your server, as the desired user on that machine you would use:

$ ssh-import-id gh:cmars

You can also import multiple users on the same line, even from different key services, like so:

$ ssh-import-id gh:cmars lp:kirkland

Used with care, it's a great collaboration tool!

Installing
----------

ssh-import-id can be installed on Python >= 2.6 with a recent version of pip:

$ pip install ssh-import-id

ssh-import-id requires a recent version of Requests (>=1.1.0) for verified SSL/TLS connections.

Extending
---------

You can add support for your own SSH public key providers by creating a script named ssh-import-id-*prefix*. Make the script executable and place it in the same bin directory as ssh-import-id.

The script should accept the identity username for the service it connects to, and output lines in the same format as an ~/.ssh/authorized\_keys file.

If you do develop such a handler, I recommend that you connect to the service with SSL/TLS, and require a valid certificate and matching hostname. Use Requests.get(url, verify=True), for example.

Credits
-------

This project is authored and maintained by Dustin Kirkland, Scott Moser, and Casey Marshall.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ssh-import-id-5.0.tar.gz (6.0 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page