bash

Automating ssh-copy-id

As I did not want to enter my password consecutively 20 times, I wrote a solution that would need me to enter it only once! πŸ”

2 min read
Automating ssh-copy-id
Photo by Burak Kebapci from Pexels

Last month, I receive a more recent laptop at my workplace and I needed to reinstall my distribution, Manjaro, on it. πŸ’» Fortunately, I have a semiautomatic procedure to setup myself quickly, but there was a part that did not really strike a chord in me:

# Add my public key to the principal servers (one command at at a time) 
ssh-copy-id -i ~/.ssh/id_rsa.pub $USER@SERVER_1
ssh-copy-id -i ~/.ssh/id_rsa.pub $USER@SERVER_2
# ...
ssh-copy-id -i ~/.ssh/id_rsa.pub $USER@SERVER_22
Excerpt of my procedure

For those that do not know the useful ssh-copy-id command, it is a tool part of OpenSSH that adds an SSH public key on a server as an authorized key. With that, you do not need to enter your password each time you log in to that server.

But it has a little (and normal) drawback: the first time you connect to the server to install a new SSH public key, you need to enter your password. πŸ”‘ With more than 20 machines that I want to be able to connect without being prompting my password, I knew that I would need to enter the same amount of times my complicated password… And it was only the minimum, as I could get it wrong… ❌

So, I decided to try to add more automation to that part of my script. I looked upon the Internet, but I did not find a perfect solution for me. So I glued together with some answers and I came with the Bash program below:

#!/bin/bash
# Script to automatically add our public key on a list of servers
# to remove the pain from typing each time our password
# when we want to access a server.
 
# [manual] If you want to copy your key to only one server
#   ssh-copy-id -i ~/.ssh/id_rsa.pub SERVER
 
# Definition of the servers
SERVERS=(
  "benjaminrancourt.ca"
  "another-server.ca"
)

# Make sure we have your password
if [ -z "$1" ]; then
  echo "You must supply your password!"
  echo " ./ssh-copy-id-servers.sh 'PASSWORD'"
  exit
fi

# Export the password into an environment variable
export SSHPASS=$1
 
# Iterate over all servers
for SERVER in "${SERVERS[@]}"
do
  # Echo the server name
  echo $SERVER
   
  # Copy our key the first time to allow
  sshpass -e ssh-copy-id -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no $USER@$SERVER || echo "FAILED"
   
  # Clean the .ssh folder
  ssh $USER@$SERVER 'rm -rf .ssh'
   
  # Add back our key, as we have remove the former authorized keys, along with the new one!
  sshpass -e ssh-copy-id -i ~/.ssh/id_rsa.pub -o StrictHostKeyChecking=no $USER@$SERVER || echo "FAILED"
done
My ssh-copy-id-servers.sh script

To remove old public keys of previous installations, I also add the deletion of the .ssh folder on each server. It may be a brutal way, but I am sure they are no leftovers! πŸ’€

By taking less than 30 minutes to come to this solution, I estimate that I save at least the same amount of time for myself for the next five years. My investment will pay off quickly if other people in my workplace use it! 🧹

By automating more and more of my procedure at each reinstallation, it becomes easier and easier! πŸ€–

I wish this script helps you!

bash
Previous post

What Are GitLab Badges and How to Use Them?

Next post

Do You Sometimes Organize Your Cell Phone?

Related Posts

Benjamin Rancourt
Follow