Web Developer in Boulder CO The Blog

Script that installs an RSA key on the local machine and a remote machine

Published by Nicholas Dunbar on February 9th, 2014

Run this interactive bash script, if you want to set up an RSA key on your local machine and then have the script automatically install the key on a remote machine. The script is tested to work on Linux, Unix, AIX with bash.

Here is an example of how the script will run (code is below):

[local_username@localhost /]$ sh generate_ssh_key.sh
Where do you want to place the RSA key?
Enter the remote host (example: example.com or an IP address):
140.130.70.80

Enter user name on the remote host (140.130.70.80):
remote_username

Testing access to remote host (140.130.70.80) with user name (remote_username)
remote_username@140.130.70.80's password:
Connection to 140.130.70.80 closed.

Server returned (remotehostname) as hostname, is this the correct remote host?
1) Yes
2) No
#? 1

Created RSA key name:
local_username_to_remote_username_on_remotehostname_rsa_id

Do you want to allow local_username on localhost_server.com to beable to login to 140.130.70.80 under the ID remote_username without a password?
1) Yes
2) No
#? 1
Generating key...
Setting home directory privileges
Creating RSA key
Don't enter a password below just hit enter:
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in local_username_to_remote_username_on_remotehostname_rsa_id.
Your public key has been saved in local_username_to_remote_username_on_remotehostname_rsa_id.
The key fingerprint is:
da:b6:45:51:98:f6:c7:8e:2b:f4:4b:db:ea:a0:65:f5 local_username@localhost_server.com
The key's randomart image is:
+--[ RSA 2048]----+
| o. |
| +. |
| . *.fff |
| |
+-----------------+
Enter password to 140.130.70.80:

Setting up .ssh folder on remote server
Enter password:
remote_username@140.130.70.80's password:
Connection to 140.130.70.80 closed.

Writing public key to remote authorized_keys file
Enter password:
remote_username@140.130.70.80's password:

Installation of RSA key complete!

Here is the code for the script generate_ssh_key.sh


#!/bin/bash
#######################
# installs an RSA key on the local machine and a remote machine
# Allows you to connect to a remote machine without a password
#######################

base_path=$(pwd);
local_hostname=$(hostname);
local_user=$(whoami);
home_dir=$(dirname ~);

echo "Where do you want to place the RSA key?";
echo "Enter the remote host (example: example.com or an IP address):";
read host;

echo '';
echo "Enter user name on the remote host ($host):";
read username;

echo '';
echo "Testing access to remote host ($host) with user name ($username)";
cmd='hostname';
remote_hostname=$(ssh -t $username@$host "$cmd");
#clean out cariage returns and newlines
remote_hostname=$(echo $remote_hostname | sed 's/\r$//');
remote_hostname=$(echo $remote_hostname | sed 's/\n$//');
remote_hostname=$(echo $remote_hostname | tr -cd '[[:alnum:]]._-');

echo "";
echo "Server returned ($remote_hostname) as hostname, is this the correct remote host?";
select yn in "Yes" "No"; do
case $yn in
Yes ) break;;
No ) exit 1;;
esac
done

#create RSA name based on the remote host name and the remote username
rsa_name="";
rsa_name+=$local_user;
rsa_name+="_to_";
rsa_name+=$username;
rsa_name+="_on_";
rsa_name+=$remote_hostname;
rsa_name+="_rsa_id";
echo "";
echo "Created RSA key name:";
echo "$rsa_name";

echo "";
echo "Do you want to allow $local_user on $local_hostname to beable to login to $host under the ID $username without a password?";
select yn in "Yes" "No"; do
case $yn in
Yes ) echo "Generating key..."; break;;
No ) exit;;
esac
done


#check if user exists on system
if [ -d "$home_dir/$local_user/" ]; then
# Control will enter here if directory exists.
cd ~;
#make sure .ssh directory exists and has user only permissions
echo "Setting home directory privileges";
if [ -d "$home_dir/$local_user/.ssh" ]; then
chmod 700 .ssh;
else
mkdir .ssh;
chmod 700 .ssh;

fi
cd .ssh;
echo "Creating RSA key";
echo "Don't enter a password below just hit enter:";
#generate key
ssh-keygen -t rsa -f $rsa_name;
echo "Enter password to $host:";
#Install key on remote host
set rsa_contents = `cat ~/.ssh/$rsa_name.pub`;

echo '';
echo "Setting up .ssh folder on remote server";
echo "Enter password:";
remote_script=$(echo "
home_dir=$(dirname ~);
cd ~;
if [ -d \".ssh\" ]; then
chmod 700 .ssh;
else
mkdir .ssh;
chmod 700 .ssh;

fi
cd .ssh;
touch authorized_keys;
chmod 600 authorized_keys;
exit;");
ssh -t $username@$host "$remote_script";

echo '';
echo "Writing public key to remote authorized_keys file";
echo "Enter password:";
ssh $username@$host "echo '`cat ~/.ssh/$rsa_name.pub`' >> ~/.ssh/authorized_keys";

echo '';
rm ~/.ssh/$rsa_name.pub;
echo "Installation of RSA key complete!";
echo '';
echo "Use the following to login:";
echo "ssh -i ~/.ssh/$rsa_name $username@$host";

cd $base_path;
exit;
else
echo "Sorry, no home directory found.";
fi

Nicholas Dunbar Posted on February 9th, 2014

comments powered by Disqus