Re: RFC: ssh-copy-id tweaks
This is a discussion on Re: RFC: ssh-copy-id tweaks within the OpenSSH Development forums, part of the Networking and Network Related category; Circa 2008-02-02 00:50 dixit Jim Knoble: : I'm working on a rewrite of ssh-copy-id The (...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-05-2008
|
|||
|
|||
Re: RFC: ssh-copy-id tweaks
Circa 2008-02-02 00:50 dixit Jim Knoble:
: I'm working on a rewrite of ssh-copy-id The (nearly complete) rewrite of ssh-copy-id is available: http://www.jmknoble.net/openssh/ssh-copy-id Differences from prior ssh-copy-id: (1) Searches for identities in the following order: [identities in ssh-agent] ~/.ssh/id_rsa.pub ~/.ssh/id_dsa.pub ~/.ssh/identity.pub Copies the first one available (more than one if ssh-agent has multiple identities loaded, see below). (2) Old ssh-copy-id overloaded two meanings onto the '-i' switch: (a) "Don't look for identities in ssh-agent" (b) "Use this identity file over here" [a] above has moved from '-i' (with no arguments) to '-A'. [b] above remains at '-i' (with an argument). See the help (available with 'ssh-copy-id --help'). (3) Allows one to use an alternate "dot-ssh" directory on the local host, by setting the SSH_DIR environment variable to the path to a directory. Equivalent functionality on the remote side is not yet available. (4) Most importantly (it's what initiated this whole thread), only adds an identity to ~/.ssh/authorized_keys on the remote host if the public key isn't already present in some form. (5) It's more complex. In order to be smart enough about how we do [4], we use awk, which may be present on the remote host as 'gawk', 'mawk', 'nawk', or 'awk'. We look for them, in that order, on the PATH. You can correct the limited search used by setting the REMOTE_AWK environment variable to the path to the remote system's awk ('env REMOTE_AWK=/usr/bin/awk ssh-copy-id'). (6) It executes commands on the remote host using 'sh'. I believe it to be portable to situations where the remote user's shell is csh or tcsh, but i could be mistaken. Please test that. I'm a little worried about command-line length; the 'ssh' command has gotten somewhat long. Feedback about that would be handy as well. -- jim knoble | jmknoble@pobox.com | http://www.pobox.com/~jmknoble/ (GnuPG key ID: 6F39C2CC >>>>>> http://www.pobox.com/~jmknoble/keys/ ) (GnuPG fingerprint: 5024:D578:7CF4:5660:7269::F6F3:B919:9307:6F39:C2CC ) +----------------------------------------------------------------------+ |[L]iberty, as we all know, cannot flourish in a country that is perma-| | nently on a war footing, or even a near-war footing. --Aldous Huxley| +----------------------------------------------------------------------+ _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev 
|
Linear Mode
