beautifulcode / ssh-copy-id-for-osx Goto Github PK

View Code? Open in Web Editor NEW

888.0 29.0 110.0 9 KB

Quick Mac OSX port of the useful unix utility ssh-copy-id

Shell 100.00%

ssh-copy-id-for-osx's Introduction

ssh-copy-id for OSX

Quick port of the useful unix utility ssh-copy-id

Note: MacOS Sierra now includes an onboard `ssh-copy-id` in `/usr/bin`

Installation

Git clone & run install script

curl -L https://raw.githubusercontent.com/beautifulcode/ssh-copy-id-for-OSX/master/install.sh | sh

SSH-COPY-ID man

NAME

ssh-copy-id - install your identity.pub in a remote machine's authorized_keys

SYNOPSIS

ssh-copy-id [-i [identity_file]] [user@]machine

DESCRIPTION

ssh-copy-id is a script that uses ssh to log into a remote machine (presumably using a login password, so password authentication should be enabled, unless you've done some clever use of multiple identities)

It also changes the permissions of the remote user's home, ~/.ssh, and ~/.ssh/authorized_keys to remove group writability (which would otherwise prevent you from logging in, if the remote sshd has StrictModes set in its configuration).

If the -i option is given then the identity file (defaults to ~/.ssh/identity.pub) is used, regardless of whether there are any keys in your ssh-agent. Otherwise, if this:

ssh-add -L

provides any output, it uses that in preference to the identity file.

If the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file. Once it has one or more fingerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file, and directory, if necessary)

ssh-copy-id-for-osx's People

Contributors

Stargazers

Watchers

Forkers

jasonblewis yabba kenergy paulmaunders ofshellohicy kimbsen barrbrain edipofederle garmoncheg fzoro robbiegill merikan darron vlastv lembang reactorcoremeltdown dotalbot tian007 aoki brendanthompson roninsa paidcritic wemomedia renaud sprig neosergio lfitzpatrick noruna shabbirh daili danielkutik hubez stevepereira herosea slmingol charlessoft vzabaznov hbcbh1999 dotcomputercraft stamhe x0x8x lotreal thomasbabuj stevennuo qz267 hawky-4s- chrisidefix mohitsethi orinocoz vietjovi gr3yr0n1n vgrenkov mbutkereit michalkoslab cgonzalezbermudez durfen dice-unc runtimezero hirleydayan niksmac ii0 abhitopia franciscocpg youngwookim tsingheng michahell y-matsumoto mulerwang wedi ericmjl quirkyshop stipid 0ldm0s vzool dmitrybelyakov lewellyn lateagain ayhanbasmisirli artynet w2naf tchia04 duoyume bobbshires brbecker piyush1911 reinhardhsu isaacdong pitsyncranjith dpavlovic christopherlima lcnja thangphuocnguyen numberwhun glasnier zyuskin bravf hybridprogrammer maxmaric dacbarbos itriumph

ssh-copy-id-for-osx's Issues

/usr/local/bin not found

So I am running a fresh installation of OS X Yosemite, when I try to run the curl command, it returns an error.

curl -L https://raw.githubusercontent.com/beautifulcode/ssh-copy-id-for-OSX/master/install.sh | sh

responds with

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   805  100   805    0     0   3259      0 --:--:-- --:--:-- --:--:--  3272
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
Warning: Failed to create the file /usr/local/bin/ssh-copy-id: No such file or 
Warning: directory
curl: (23) Failed writing body (0 != 1394)
Failed to install ssh-copy-id into /usr/local/bin.

I further investigated by

Arians-MacBook-Pro-Retina:~ Arian$ ls -la /usr/
total 8
drwxr-xr-x@   10 root  wheel    340 Nov  6 19:51 .
drwxr-xr-x    31 root  wheel   1122 Nov 22 16:29 ..
drwxr-xr-x     5 root  wheel    170 Sep  9 14:41 X11
lrwxr-xr-x     1 root  wheel      3 Nov  6 19:51 X11R6 -> X11
drwxr-xr-x  1047 root  wheel  35598 Nov 17 10:27 bin
drwxr-xr-x   250 root  wheel   8500 Nov 17 10:27 lib
drwxr-xr-x   171 root  wheel   5814 Nov 17 10:28 libexec
drwxr-xr-x   243 root  wheel   8262 Nov 17 10:28 sbin
drwxr-xr-x    43 root  wheel   1462 Nov  6 19:50 share
drwxr-xr-x     4 root  wheel    136 Nov  6 19:45 standalone
Arians-MacBook-Pro-Retina:~ Arian$

I don't have a local folder in the /usr/ directory, is this right?

First time failure, second time partial success

After getting the script working and posting the findings in #5, I ran the script again on a different server (one I had never connected to, and so I had to accept the server key, if that makes a difference). I typed the password as requested and it exited with code 1 and no output again. I tried to log in with ssh and it prompted me for the password again. On logging in I inspected authorized_keys and saw that it had a bizarre line as follows (with my correct public key partially replaced with stars and a seemingly corrupt key (or is it the server's key? transmountain is part of the hostname) partially replaced with hashes):

ssh-rsa AAAAB3N#####7PHLTOun transmountain-rsa-key-1347299094ssh-rsa AAAAB3N*****7eqiY5 /Users/tremby/.ssh/id_rsa

I then logged out and ran the script again. This time it exited with code 1 again, but when I tried to ssh in to the server again, it worked. Now there is a second line in authorized_keys identical to the tail section of the above:

ssh-rsa AAAAB3N*****7eqiY5 /Users/tremby/.ssh/id_rsa

No idea what is happening here. If you request I could remove my keys and acceptance of the server's key and try again.

Doesn't support -p argument

Hi @beautifulcode
Nice tool! There is only one issue for me. Your script doesn't support -p argument to connect to a different port than 22.

Thanks!

ssh-copy-id in macOS Sierra

Just FYI - it appears macOS Sierra now includes the ssh-copy-id script in /usr/bin/ssh-copy-id

The agent has no identities.

Similar to #3, I believe.

I had a similar issue -- the script exited with code 1 with no error, and on inspecting authorized_keys on the remote the string The agent has no identities. had been added. This was the output of ssh-add -L, even though I did have an id_rsa file. The solution for me was to run ssh-add alone, which gave some encouraging output, and after that ssh-add -L gives the expected output and so running ssh-copy-id again worked.

I'm surprised by that because I've never had to run that before.

Perhaps ssh-add could be run automatically if ssh-add -L returns an error code (I didn't check if it did, but presumably it does in this case), or at least notify the user that they may want to run it. And obviously don't add something to the remote's authorized_keys if it's not actually a key!

Path issues

nevermind, user error

added -p for port option and added ability to have no space after -i

#!/bin/sh

# Shell script to install your public key on a remote machine
# Takes the remote machine name as an argument.
# Obviously, the remote machine must accept password authentication,
# or one of the other keys in your ssh-agent, for this to work.

ID_FILE="${HOME}/.ssh/id_rsa.pub"

for arg in "$@"
do
    case "$arg" in
      -i*)    
        ID_FILE=`echo $arg | sed 's/-i//g'`
        LAST=idfile
        continue
            ;;
      -p*)    
        PORT=`echo $arg | sed 's/-p//g'`
        LAST=port
        continue
            ;;
    *)  
        if [ "$LAST" == "idfile" ] && [ 0 == `expr "$arg" : ^-`  ] ; then
          ID_FILE=$arg
        elif [ "$LAST" == "port" ] ; then
          PORT=$arg
        else
          REMOTE_SERVER=$arg
        fi
        LAST=""
    esac
done

#echo ID_FILE = $ID_FILE
#echo PORT = $PORT
#echo REMOTE_SERVER = $REMOTE_SERVER

if [ -n "$ID_FILE" ]; then
    if expr "$ID_FILE" : ".*\.pub" > /dev/null ; then
      ID_FILE="$ID_FILE"
    else
      ID_FILE="$ID_FILE.pub"
    fi
else
    if [ x$SSH_AUTH_SOCK != x ] ; then
     GET_ID="$GET_ID ssh-add -L | grep -vxF 'The agent has no identities.'"
    fi
fi

if [ -z "`eval $GET_ID`" ] && [ -r "${ID_FILE}" ] ; then
  GET_ID="cat ${ID_FILE}"
fi

if [ -z "`eval $GET_ID`" ]; then
  echo "$0: ERROR: No identities found" >&2
  exit 1
fi

if [ "$#" -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ] || [ -z "$REMOTE_SERVER" ]; then
  echo "Usage: $0 [-i [identity_file]] [user@]machine" >&2
  exit 1
fi

if [ -n "$PORT" ] ; then
PPORT="-p$PORT"
fi

{ eval "$GET_ID" ; } | ssh $REMOTE_SERVER $PPORT "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys; test -x /sbin/restorecon && /sbin/restorecon .ssh .ssh/authorized_keys" || exit 1

cat <<EOF
Now try logging into the machine, with "ssh '$1'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

EOF