Using ssh-updatekeys, you can set up and maintain ~/.ssh/authorized_keys with specific sets on the fly.
You just have to put your public keys on a public git repository. The script will fetch the keys, either by git + SSH (for write access) or just git + https (for read access).
It can handle different sets of keys (for instance you may want to differenciate keys with or without passphrares). In the git repository, any directory with a name starting by set (set0, setA, setTest, etc) will be treated as a set.
(ssh-updatekeys.sh is part of my -utils package).
Update : you can now grab it with the command
wget ssh.rien.pl -O ssh-updatekeys.sh
I conveniently use, since more than 10 years, one debian package to distribute over different computers some scripts, notably all the ones published here and on github (except rawdog and pxe setup – but that could change). While it’s practical for me, it’s not for anyone else since the package content is overly random.
Someone using the apt/steam cache as described on this blog can easily end up with out-of-date scripts – unless he fetch updates from git directly.
I decided to split this big package into multiples and improve the conffiles so they are more or less zeroconf.
The result is:
- -keyring: Keyring used to signed packages along with repository set-up
- -utils-cache-apt: APT downloads cache setup
- -utils-cache-steam: Steam downloads cache setup
- -utils-cloud: Owncloud setup and apps
- -utils-exim: Exim greylist, bogofilter and spamassassin setup
- -utils-torrent: Manage transmission via NFS/Samba
- -utils-tumblr: Automated image post on tumblr
- -utils-webmail: Roundcube setup and plugins
- and some others packages that these depends on.
The easiest way to get anything is to first install the keyring package and then directly apt-get:
# wget http://apt.attique.org/stalag13-keyring.deb
# dpkg -i stalag13-keyring.deb
# apt-get update
# apt-get install stalag13-...