Skip to content

Instantly share code, notes, and snippets.

@tedivm

tedivm/authorized_keys_command.sh

Created November 12, 2021 23:10
Show Gist options
  • Save tedivm/1f57a7d7ba73b5746fa6d3a334405915 to your computer and use it in GitHub Desktop.
Save tedivm/1f57a7d7ba73b5746fa6d3a334405915 to your computer and use it in GitHub Desktop.
Download ZIP
OpenSSH Authorized Keys Command
Raw
authorized_keys_command.sh
#!/usr/bin/env bash
# Explicit "allow" list in case Github users overlap with system users
ALLOWED_USERS="tedivm"
KEY_URL="https://github.com/${1}.keys"
if [[ -z $1 ]]; then
>&2 echo "Username required."
exit 1
fi
if [[ ! " $ALLOWED_USERS " =~ .*\ $1\ .* ]]; then
>&2 echo "User not in allowed list."
exit 1
fi
TMP_AUTHORIZED_KEYS=$(mktemp)
HTTP_STATUS=$(curl -m 5 -s -o $TMP_AUTHORIZED_KEYS -w "%{http_code}" $KEY_URL)
PUBLIC_KEYS=$(cat $TMP_AUTHORIZED_KEYS)
rm $TMP_AUTHORIZED_KEYS
if [ $HTTP_STATUS != "200" ]; then
>&2 echo "Pulling keys from Github failed with status code ${HTTP_STATUS}"
exit 1
else
echo "$PUBLIC_KEYS" > ~/.ssh/authorized_keys2
cat ~/.ssh/authorized_keys2
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment