====== Ubuntu - SSH - Distribute public keys ======
For a bunch of networked servers, I'd rather recommend one of the two following approaches:
- Store SSH keys in LDAP (OpenSSH servers generally will require LPK patch set).
- Provide CA signed certificates to your users and keep a certificate revocation list to centrally disable certain certificates.
----
===== Using generic configuration management software =====
Any generic configuration management software like [[http://reductivelabs.com/products/puppet/|Puppet]], [[http://www.opscode.com/chef/|Chef]], [[http://trac.mcs.anl.gov/projects/bcfg2|Bcfg2]] or [[http://www.cfengine.org/|cfengine]] could accomplish the task.
[[http://ansible.cc/docs/modules.html#authorized-key|Ansible]] is a very lightweight CM system that has a module to muck with authorized key files over ssh.
[[http://code.google.com/p/ssh-keydb/|SSH KeyDB]] is meant to do exactly that, administrate roles, servers and users, distribute user keys, gather host keys etc. It even has something called "locations".
----
===== Using cron =====
Since the **authorized_keys** file is not that complicated, you could also use **rsync** or a (D)SCM like **git** or **hg** to manage this file.
You have the "master" file on one of your servers and serve it via rsync/git/hg/…. On every other server you run a cron job which periodically retrieves the master copy (if it was changed) and copies it to the correct local location. This would even work with pure HTTP or FTP.
Let the "clients" (the computers, which should have the current authorized_keys file) fetch it from your master server and deploy it locally.
----
===== Using a bash script =====
A very easy solution, that does the same with firewall-rules
Example file hosts.conf:
192.168.0.1
192.168.2.99
192.168.2.100
#!/bin/bash
for d in `cat ./hosts.conf`; do
echo "copying to $d ...";
scp /root/.ssh./authorized_keys root@$d:/root/.ssh./authorized_keys
done;