What is the easiest way to manage the authorized_keys file for OpenSSH across a large number of hosts? If I need to add or revoke a key for an account on, say, 10 hosts, I must log in and add the public key manually, or through a clumsy shell script, which is time-consuming.
Ideally there would be a central database linking keys to accounts@machines with some sort of grouping support (i.e., add this key to username X on all servers in the web category). There's a fork of SSH with LDAP support, but I'd rather use the mainline SSH packages.
Add multiple SSH keys to the authorized_keys file to enable SSH authentication when connecting to a server.
Step 1: Generate first SSH key. Type the following command to generate your first public and private key on a local workstation. Next provide the required input or accept the defaults.
authorized_keys is a file that allows you to add SSH public keys of users that should be allowed to log into your server (the server on which the authorized_keys file lives) using key-based auth. known_hosts is a file that contains a list of keys from... known hosts that you have logged into.
Location of the Authorized Keys File: With OpenSSH, the authorized keys are by default configured in .ssh/authorized_keys in the user's home directory.
I'd check out the Monkeysphere project. It uses OpenPGP's web of trust concepts to manage ssh's authorized_keys and known_hosts files, without requiring changes to the ssh client or server.
I use Puppet for lots of things, including this. (using the ssh_authorized_key resource type)
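The central mapping the question asks for (key to account on a group of hosts), sketched as an added example that is not from the original page or from any project named on it. Host names, accounts, groups and keys are constructed placeholders, and key lines are assumed to carry no options prefix.

```python
from dataclasses import dataclass

# Constructed inventory: which groups each host belongs to.
HOST_GROUPS = {"web1.example.org": {"web"}, "web2.example.org": {"web"},
               "db1.example.org": {"db"}}

@dataclass(frozen=True)
class Grant:
    key: str            # "<type> <base64> <comment>", no options prefix assumed
    account: str        # local username on the target hosts
    group: str          # host group the grant applies to
    revoked: bool = False

# Constructed placeholder keys, not real key material.
GRANTS = [
    Grant("ssh-ed25519 AAAAEXAMPLEALICE alice@laptop", "deploy", "web"),
    Grant("ssh-ed25519 AAAAEXAMPLEBOB bob@laptop", "deploy", "web", revoked=True),
    Grant("ssh-ed25519 AAAAEXAMPLECAROL carol@laptop", "postgres", "db"),
]

def key_id(line):
    """Identify a key by (type, blob); the trailing comment is not trusted."""
    return tuple(line.split()[:2])

def desired_keys(host, account):
    """Key lines the inventory grants to account on host."""
    groups = HOST_GROUPS.get(host, set())
    return sorted({g.key for g in GRANTS if g.account == account
                   and g.group in groups and not g.revoked})

def render(host, account):
    """Whole-file content: pushing it replaces the file, so revoked or
    hand-added keys disappear instead of lingering after an append."""
    lines = ["# managed centrally, local edits are overwritten"]
    return "\n".join(lines + desired_keys(host, account)) + "\n"

def drift(host, account, current_text):
    """Audit a file fetched from a host against the inventory."""
    want = {key_id(k) for k in desired_keys(host, account)}
    have = {key_id(l) for l in current_text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")}
    return {"unexpected": sorted(have - want), "missing": sorted(want - have)}

if __name__ == "__main__":
    print(render("web1.example.org", "deploy"), end="")
    # Constructed file as it might be found on a host before the push.
    found = "ssh-ed25519 AAAAEXAMPLEBOB bob@laptop\n"
    print(drift("web1.example.org", "deploy", found))
```

Running `drift` before each push gives a record of revoked or hand-added keys that were still present on a host.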