moul/sshportal
1
1
Fork 0
mirror of https://github.com/moul/sshportal.git synced 2025-09-10 22:54:49 +08:00
Code Issues Projects Releases Packages Wiki Activity

Add 'key setup' command (easy SSH key installation)

Browse source
This commit is contained in:
Manfred Touron 2017-11-24 05:03:58 +01:00
parent 4189eb8154
commit 0f0a8dd9bb
3 changed files with 28 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGELOG.md
View file

@ -2,7 +2,7 @@
## master (unreleased) ## master (unreleased)
* No entry * Add 'key setup' command (easy SSH key installation)
## v1.3.0 (2017-11-23) ## v1.3.0 (2017-11-23)

25
README.md
View file

@ -32,6 +32,8 @@ Jump host/Jump server without the jump, a.k.a Transparent SSH bastion
* Connect to host using key or password * Connect to host using key or password
* Admin commands can be run directly or in an interactive shell * Admin commands can be run directly or in an interactive shell
* User Roles * User Roles
* User invitations
* Easy authorized_keys installation
## Usage ## Usage
@ -81,28 +83,18 @@ List hosts
```console ```console
config> host ls config> host ls
ID | NAME | URL | KEY | PASS | GROUPS | COMMENT ID | NAME | URL | KEY | PASS | GROUPS | COMMENT
+----+------+-------------------------+---------+------+--------+---------+ +----+------+-------------------------+---------+------+---------+---------+
1 | foo | bart@foo.example.org:22 | default | | 1 | 1 | foo | bart@foo.example.org:22 | default | | default |
Total: 1 hosts. Total: 1 hosts.
config> config>
``` ```
Get the default key in authorized_keys format Add the key to the server
```console ```console
config> key inspect default $ ssh bart@foo.example.org "$(ssh localhost -p 2222 -l admin key setup default)"
[...] $
"PubKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvUP/8FedyIe+a+RWU4KvJ1+iZwtWmY9czJubLwN4RcjKHQMzLqWC7pKZHAABCZjLJjVD/3Zb53jZwbh7mysAkocundMpvUL5+Yb4a8lDiflXkdXT9fZCx+ibJBk4jRnKLGIneSzVtFEerEwQKKnKQoCgPkZwCDaL/jHhDlOmAvxqAJrjiy42HXwppX2UuF8zujs6OKHRYJ/Q1vo0caa6/o1eoyXE9OrOwIk+IcAN3YIQi/B1BOlZOQBzHIZz83AFlD2TcPhyYcbxPyKGih84Zr3rQaaP1WiaiPqxzp3s5OhTLthc5XtCSLzmRSLvgC2eFdNhBDB5KLtO2khBkz5ID",
[...]
config>
```
Add this key to the server
```console
$ ssh bart@foo.example.org
> umask 077; mkdir -p .ssh; echo ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvUP/8FedyIe+a+RWU4KvJ1+iZwtWmY9czJubLwN4RcjKHQMzLqWC7pKZHAABCZjLJjVD/3Zb53jZwbh7mysAkocundMpvUL5+Yb4a8lDiflXkdXT9fZCx+ibJBk4jRnKLGIneSzVtFEerEwQKKnKQoCgPkZwCDaL/jHhDlOmAvxqAJrjiy42HXwppX2UuF8zujs6OKHRYJ/Q1vo0caa6/o1eoyXE9OrOwIk+IcAN3YIQi/B1BOlZOQBzHIZz83AFlD2TcPhyYcbxPyKGih84Zr3rQaaP1WiaiPqxzp3s5OhTLthc5XtCSLzmRSLvgC2eFdNhBDB5KLtO2khBkz5ID >> .ssh/authorized_keys
``` ```
Profit Profit
@ -172,6 +164,7 @@ key create [-h] [--name=<value>] [--type=<value>] [--length=<value>] [--comment=
key inspect [-h] KEY... key inspect [-h] KEY...
key ls [-h] key ls [-h]
key rm [-h] KEY... key rm [-h] KEY...
key setup [-h] KEY
# user management # user management
user help user help

18
shell.go
View file

@ -903,6 +903,24 @@ GLOBAL OPTIONS:
return SSHKeysByIdentifiers(db, c.Args()).Delete(&SSHKey{}).Error return SSHKeysByIdentifiers(db, c.Args()).Delete(&SSHKey{}).Error
}, },
}, {
Name: "setup",
Usage: "Return shell command to install key on remote host",
ArgsUsage: "KEY",
Action: func(c *cli.Context) error {
if c.NArg() != 1 {
return cli.ShowSubcommandHelp(c)
}
// not checking roles, everyone with an account can see how to enroll new hosts
var key SSHKey
if err := SSHKeysByIdentifiers(db, c.Args()).First(&key).Error; err != nil {
return err
}
fmt.Fprintf(s, "umask 077; mkdir -p .ssh; echo %s sshportal >> .ssh/authorized_keys\n", key.PubKey)
return nil
},
}, },
}, },
}, { }, {