Last month, I receive a more recent laptop at my workplace and I needed to reinstall my distribution, Manjaro, on it. 💻 Fortunately, I have a semiautomatic procedure to setup myself quickly, but there was a part that did not really strike a chord in me:
# Add my public key to the principal servers (one command at at a time)
ssh-copy-id -i ~/.ssh/id_rsa.pub $USER@SERVER_1
ssh-copy-id -i ~/.ssh/id_rsa.pub $USER@SERVER_2
# ...
ssh-copy-id -i ~/.ssh/id_rsa.pub $USER@SERVER_22
For those that do not know the useful ssh-copy-id command, it is a tool part of OpenSSH that adds an SSH public key on a server as an authorized key. With that, you do not need to enter your password each time you log in at that server.
But it has a little (and normal) drawback: the first time you connect to the server to install a new SSH public key, you need to enter your password. 🔑 With more than 20 machines that I want to be able to connect without being prompting my password, I knew that I would need to enter the same amount of times my complicated password… And it was only the minimum, as I could get it wrong… ❌
So, I decide to try to add more automation to that part of my script. I looked up on the Internet, but I did not find a perfect solution for me. So I glued together some answers and I came with the Bash program below:
#!/bin/bash
# Script to automatically add our public key on a list of servers
# to remove the pain from typing each time our password
# when we want to access a server.
# [manual] If you want to copy your key to only one server
# ssh-copy-id -i ~/.ssh/id_rsa.pub SERVER
# Definition of the servers
SERVERS=(
"benjaminrancourt.ca"
"another-server.ca"
)
# Make sure we have your password
if [-z "$1"]; then
echo "You must supply your password!"
echo " ./ssh-copy-id-servers.sh 'PASSWORD'"
exit
fi
# Export the password into an environment variable
export SSHPASS=$1
# Iterate over all servers
for SERVER in "${SERVERS[@]}"
do
# Echo the server name
echo $SERVER
# Copy our key the first time to allow
sshpass -e ssh-copy-id -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no $USER@$SERVER || echo "FAILED"
# Clean the .ssh folder
ssh $USER@$SERVER 'rm -rf .ssh'
# Add back our key, as we have remove the former authorized keys, along with the new one!
sshpass -e ssh-copy-id -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no $USER@$SERVER || echo "FAILED"
done
ssh-copy-id-servers.sh scriptTo remove old public keys of previous installations, I also add the deletion of the .ssh folder on each server. It may be a brutal way, but I am sure they are no leftovers! 💀
By taking less than 30 minutes to come to this solution, I estimate that I save at least the same amount of time for myself for the next five years. My investment will pay off quicker if other people in my workplace use it! 🧹
By automating more and more of my procedure at each reinstallation, it becomes easier and easier! 🤖
I wish this script helps you!
Top comments (0)