One of the annoyances of ssh is the need to transfer the public key from client machine to server machine, and append to authorized_keys. Although it's simple to do, it's annoying to have to do this manually. Why can't this be automated? ssh offers to add new machine to known_hosts. Why doesn't it offer to add the public key to authorized_keys?
hi Neal-- On January 11, ndbecker2 at gmail.com said: > One of the annoyances of ssh is the need to transfer the public key from > client machine to server machine, and append to authorized_keys. Although > it's simple to do, it's annoying to have to do this manually. Why can't > this be automated? ssh offers to add new machine to known_hosts. Why > doesn't it offer to add the public key to authorized_keys? the debian distribution (at least) of openssh contains ssh-copy-id, which is a simple shell script to automate that operation. you can find the script in CVS here: http://www.chiark.greenend.org.uk/ucgi/~cjwatson/cvsweb/openssh/contrib/ssh-copy-id i think it's also in the openssh CVS, under contrib. Since i run with ControlMaster/ControlPath set up as autoask, when i've connected to a machine for the first time, i just run ssh-copy-id locally and it sets everything up for me over the existing connection for future use. hth, --dkg
On Wed, Jan 11, 2006 at 09:52:05AM -0500, Neal Becker wrote:> Why can't this be automated?Of course it can. But that doesn't mean it's a good idea. OpenSSH doesn't want to dictate (and thereby limit) your access control policy. Access control administration is left to the administrator, which I think makes a lot of sense. //Peter
Reasonably Related Threads
- ControlPath versus ProxyCommand
- Can't get LocalForward to work when using ControlPath
- [LLVMdev] llvm-gcc 2.5 libexec installed without program-prefix
- [LLVMdev] llvm-gcc 2.5 libexec installed without program-prefix
- [Bug 15502] New: Unknown LVDS configuration bits