pi8027 · December 10, 2015 16:18 · pi8027 · Jan 8, 2013
diff --git a/key-manager-config b/key-manager-config
 #!/bin/sh

 # ~/.ssh/key-manager-config
 # $1 に鍵の名前を取り、それが正しい名前であれば、1行目にその秘密鍵を持って良い計
 # 算機のリストを、2行目にその鍵で入れるようにする計算機のリストを出力する。

 case "$1" in
 master)
    echo
    echo hostA hostB www.coins.tsukuba.ac.jp
    ;;
 coins)
    echo www.coins.tsukuba.ac.jp
    echo www.coins.tsukuba.ac.jp
    ;;
 git)
    echo
    echo
    ;;
 *)
    exit 1
    ;;
 esac
diff --git a/ssh-key-update b/ssh-key-update
 #!/bin/sh

 LANG=C

 CONFIG_FILE=~/.ssh/key-manager-config
 KEY_NAME=$1

 TIMESTAMP=`date +%s`

 CONFIG=`. $CONFIG_FILE $KEY_NAME`

 [ 0 != $? ] && exit 1

 mkdir -p ~/.ssh/$KEY_NAME
 cd ~/.ssh/$KEY_NAME

 ssh-keygen -N "" -C "ssh-key-update:$KEY_NAME:$TIMESTAMP" -f ./$TIMESTAMP

 echo 'updating private keys...'

 for host in `echo "$CONFIG" | head -n 1`; do
    echo $host
    ssh -S ~/.ssh/master-$$ $host -M -f -N 2>/dev/null 1>&2
    ssh -S ~/.ssh/master-$$ $host "mkdir -p ~/.ssh/$KEY_NAME"
    scp -o ControlPath=~/.ssh/master-$$ \
        ./$TIMESTAMP ./$TIMESTAMP.pub $host:.ssh/$KEY_NAME/
    ssh -S ~/.ssh/master-$$ $host \
        "cd ~/.ssh/$KEY_NAME/; ln -f -s $TIMESTAMP latest"
    ssh -S ~/.ssh/master-$$ $host \
        "cd ~/.ssh/$KEY_NAME/; ln -f -s $TIMESTAMP.pub latest.pub"
    ssh -S ~/.ssh/master-$$ $host -O exit 1>/dev/null 2>/dev/null
 done

 echo 'updating public keys...'

 for host in `echo "$CONFIG" | tail -n 1`; do
    echo $host
    ssh -S ~/.ssh/master-$$ $host -M -f -N 2>/dev/null 1>&2
    {
    ssh -S ~/.ssh/master-$$ $host 'cat ~/.ssh/authorized_keys' | \
        grep -v -F " ssh-key-update:$KEY_NAME:"
    cat ./$TIMESTAMP.pub
    } | ssh -S ~/.ssh/master-$$ $host 'cat > ~/.ssh/authorized_keys_new'
    ssh -S ~/.ssh/master-$$ $host \
        'cd ~/.ssh/; mv authorized_keys_new authorized_keys'
    ssh -S ~/.ssh/master-$$ $host -O exit 1>/dev/null 2>/dev/null
 done

 ln -f -s ./$TIMESTAMP ./latest
 ln -f -s ./$TIMESTAMP.pub ./latest.pub
	#!/bin/sh

	# ~/.ssh/key-manager-config
	# $1 に鍵の名前を取り、それが正しい名前であれば、1行目にその秘密鍵を持って良い計
	# 算機のリストを、2行目にその鍵で入れるようにする計算機のリストを出力する。

	case "$1" in
	master)
	echo
	echo hostA hostB www.coins.tsukuba.ac.jp
	;;
	coins)
	echo www.coins.tsukuba.ac.jp
	echo www.coins.tsukuba.ac.jp
	;;
	git)
	echo
	echo
	;;
	*)
	exit 1
	;;
	esac
	#!/bin/sh

	LANG=C

	CONFIG_FILE=~/.ssh/key-manager-config
	KEY_NAME=$1

	TIMESTAMP=`date +%s`

	CONFIG=`. $CONFIG_FILE $KEY_NAME`

	[ 0 != $? ] && exit 1

	mkdir -p ~/.ssh/$KEY_NAME
	cd ~/.ssh/$KEY_NAME

	ssh-keygen -N "" -C "ssh-key-update:$KEY_NAME:$TIMESTAMP" -f ./$TIMESTAMP

	echo 'updating private keys...'

	for host in `echo "$CONFIG" \| head -n 1`; do
	echo $host
	ssh -S ~/.ssh/master-$$ $host -M -f -N 2>/dev/null 1>&2
	ssh -S ~/.ssh/master-$$ $host "mkdir -p ~/.ssh/$KEY_NAME"
	scp -o ControlPath=~/.ssh/master-$$ \
	./$TIMESTAMP ./$TIMESTAMP.pub $host:.ssh/$KEY_NAME/
	ssh -S ~/.ssh/master-$$ $host \
	"cd ~/.ssh/$KEY_NAME/; ln -f -s $TIMESTAMP latest"
	ssh -S ~/.ssh/master-$$ $host \
	"cd ~/.ssh/$KEY_NAME/; ln -f -s $TIMESTAMP.pub latest.pub"
	ssh -S ~/.ssh/master-$$ $host -O exit 1>/dev/null 2>/dev/null
	done

	echo 'updating public keys...'

	for host in `echo "$CONFIG" \| tail -n 1`; do
	echo $host
	ssh -S ~/.ssh/master-$$ $host -M -f -N 2>/dev/null 1>&2
	{
	ssh -S ~/.ssh/master-$$ $host 'cat ~/.ssh/authorized_keys' \| \
	grep -v -F " ssh-key-update:$KEY_NAME:"
	cat ./$TIMESTAMP.pub
	} \| ssh -S ~/.ssh/master-$$ $host 'cat > ~/.ssh/authorized_keys_new'
	ssh -S ~/.ssh/master-$$ $host \
	'cd ~/.ssh/; mv authorized_keys_new authorized_keys'
	ssh -S ~/.ssh/master-$$ $host -O exit 1>/dev/null 2>/dev/null
	done

	ln -f -s ./$TIMESTAMP ./latest
	ln -f -s ./$TIMESTAMP.pub ./latest.pub