Import ssh keys from plain http url
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ssh-import-id |
Confirmed
|
Wishlist
|
Unassigned |
Bug Description
It would be nice if it were possible to import ssh key by just running
`ssh-import-id https:/
I have written a patch attached below that does that.
[PATCH] Implement public key import from plain http url
This commit will enable generic http/https ssh key importer
that does not depend on pre existing support for special API.
Quite many diferent services already have support for providing
ssh public keys in a plain text authorized_keys file format.
Also setting it up on your own controlled http server is quite easy.
Just give ssh-import-id a url with ssh keys and it will do the rest.
Examples:
Import from self hosted https server
ssh-import-id https:/
Import from a Gogs git service
ssh-imoprt-id https:/
Import from Debian GitLab instance
ssh-import-id https:/
Import from Github without using the json api
ssh-import-id https:/
Changed in ssh-import-id: | |
status: | New → Triaged |
importance: | Undecided → Medium |
status: | Triaged → Confirmed |
importance: | Medium → Wishlist |
Today I ran into something similar, but we have a larger user base that uses different (public and self-hosted) platforms, so just one URL won't be enough. I thought about a more general solution to the problem.
As many platforms offer a similar protocol, it would make sense to allow admins to register protos (like lp and gh) in /etc/ssh/ ssh_import_ id.
My ideal format for that file would look as following:
{ /launchpad. net/~%s/ +sshkeys", /launchpad. net/~%s/ +sshkeys" /api.github. com/users/ %s/keys" /gitlab. com/%s. keys" /api.self- hosted- server. example. com/users/ %s/keys"
"_comment_": "...",
"URL": "https:/
"protos": {
"lp": {
"URL": "https:/
},
"gh": {
"URL": "https:/
},
"gl": {
"URL": "https:/
},
"home": {
"URL": "https:/
}
}
}
This would offer much greater flexibility and would allow us to draw on our different solutions without touching the defaults.
It might be possible even to add a hint, if the format is GH's JSON or ssh's authorized_keys as used by LP.