Differences

This shows you the differences between two versions of the page.

--- ssh:distribute_public_keys [2016/12/05 15:26] – peter
+++ ssh:distribute_public_keys [2019/12/04 21:23] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== SSH - Distribute public keys ======
-===== Using generic configuration management software =====
-Any generic configuration management software like [[http://reductivelabs.com/products/puppet/|Puppet]], [[http://www.opscode.com/chef/|Chef]], [[http://trac.mcs.anl.gov/projects/bcfg2|Bcfg2]] or [[http://www.cfengine.org/|cfengine]] could accomplish the task.
-[[http://ansible.cc/docs/modules.html#authorized-key|Ansible]] is a very lightweight CM system that has a module to muck with authorized key files over ssh.
-[[http://code.google.com/p/ssh-keydb/|SSH KeyDB]] is meant to do exactly that, administrate roles, servers and users, distribute user keys, gather host keys etc.  It even has something called "locations".
-===== Using cron =====
-Since the **authorized_keys** file is not that complicated, you could also use **rsync** or a (D)SCM like **git** or **hg** to manage this file.
-You have the "master" file on one of your servers and serve it via rsync/git/hg/….  On every other server you run a cron job which periodically retrieves the master copy (if it was changed) and copies it to the correct local location.  This would even work with pure HTTP or FTP.
-Let the "clients" (the computers, which should have the current authorized_keys file) fetch it from your master server and deploy it locally.
-===== Using a bash script =====
-A very easy solution, that does the same with firewall-rules
-Example file hosts.conf:
-<file bash hosts.conf>
-.168.0.1
-.168.2.99
-.168.2.100
-</file>
-<file bash distribute.sh>
-#!/bin/bash
-for d in `cat ./hosts.conf`; do
-  echo "copying to $d ...";
-  scp /root/.ssh./authorized_keys root@$d:/root/.ssh./authorized_keys
-done;
-</file>