Thursday, March 25, 2010

Introducing ssh-import-lp-id

ssh-copy-id is an incredibly useful utility for pushing your public key from your local machine to a remote server, such that you can use public key authentication thereafter.

Scott Moser and I wrote a similar utility for Ubuntu Lucid, called ssh-import-lp-id, for securely pulling one or more public keys from Launchpad.net and appending them to an account's ~/.ssh/authorized_keys file.

This can be incredibly useful in cloud environments, like EC2 or UEC.

For example, I just fired up an instance in EC2, and wanted to give shared access to me, Scott, and Kees:

ubuntu@ip-172-19-1-2:~$ ssh-import-lp-id kirkland smoser kees
INFO: Successfully authorized [kirkland]
INFO: Successfully authorized [smoser]
INFO: Successfully authorized [kees]


I can cat ~/.ssh/authorized_keys and see that all 3 were imported, and now any of the 3 of us can ssh into this instance and authenticate using public key authentication.

You can use ssh-import-lp-id against any user in Launchpad who has registered their public SSH keys. Nifty, huh?

For Lucid, the ssh-import-lp-id utility is provided by the ssh-import binary package (which comes from the cloud-utils source package). Ideally, I'd like to get the tool into upstream OpenSSH and in the openssh-server package. To do so, though, I would probably need to support other public SSH keyservers besides Launchpad.net. I did a bit of searching, but I couldn't find any other SSH public keyservers out there. Any pointers?

:-Dustin

3 comments:

  1. There's also http://www.kaarsemaker.net/downloads/code/launchpadduser.py -- an older script to add a user and their SSH keys from a Launchpad username

    ReplyDelete
  2. Hi wgrant-

    Thanks for the pointer!

    Is that packaged anywhere?

    :-Dustin

    ReplyDelete
  3. http://blog.printf.net/articles/2008/09/15/an-ssh-public-keyserver

    ReplyDelete

Please do not use blog comments for support requests! Blog comments do not scale well to this effect.

Instead, please use Launchpad for Bugs and StackExchange for Questions.
* bugs.launchpad.net
* stackexchange.com

Thanks,
:-Dustin