Managing an SSH public keys ring with git

Using ssh-updatekeys, you can set up and maintain ~/.ssh/authorized_keys with specific sets on the fly.

You just have  to put your public keys on a public git repository. The script will fetch the keys, either by git + SSH (for write access) or just git + https (for read access).

It can handle different sets of keys (for instance you may want to differenciate keys with or without passphrares). In the git repository, any directory with a name starting by set (set0, setA, setTest, etc) will be treated as a set.

(ssh-updatekeys.sh is part of my -utils package).

Update : you can now grab it with the command

wget ssh.rien.pl -O ssh-updatekeys.sh

Importing CardDav (ownCloud) contacts into (SquirrelMail) .abook

I’m still using SquirrelMail, even though it looks a bit old. It’s robust and just works – and when I’m using a webmail, that’s mandatory.

SquirrelMail does not use CardDav but some sort of .abook format (that I hope is the same abook as mutt).

I just wrote carddav2abook.pl, a wrapper that requires an ~/.carddav2abookrc with the following:

carddav = https://HOST/remote.php/carddav/addressbooks/USER/contacts_shared_by_USER?export
user = USER
password = PASSWORD
abook = /var/lib/squirrelmail/data/USER.abook
wget_args = --no-check-certificate

 

As you notice, I’m using a specific export account that has been given only read access to this file. Otherwise the CardDav url would not include the _shared_by_USER part.

I configured it to directly write .abook in SquirrelMail data directly. Obviously, it means you need to adjust read write access for the relevant user (or use www-data, but I would not recommend to store password in an rcfile given to this user).

Once it works, just put up a cronjob (with 2>/dev/null since the perl vCard module tends to print some garbage).

(carddav2abook.pl is part of my -utils-webmail package).