Add copy-id command

README.md

@@ -1,14 +1,29 @@
 # Purpose
 This script allows you to ssh to a server using an SSH Key and passphrase pulled from your lastpass account.
 
-# Requirements
+# ssh.sh Script
+## Requirements
 This script requires the `lastpass-cli` and `expect` packages.
 
 The SSH Key must be stored in your lastpass account, as a Secure Note of the type SSH Key, with the Private Key and Passphrase fields filled out, at a minimum.
 
-# Usage
+## Usage
 1. Download the script to a location of your choosing, ensuring it is executable
 2. run it like this: ```./ssh.sh KEYNAME server-you-wish-to-ssh-to```
 
-# How it works
+## How it works
 This script uses the official `lastpass-cli` package to pull the private key to a file and the private key passphrase to a variable.  The script then uses that information to ssh to the requested server, and removes the private key when the connection is closed.
+
+# ssh-copy-id.sh Script
+## Requirements
+This script requires the `lastpass-cli` package.
+
+The SSH Key must be stored in your lastpass account, as a Secure Note of the type SSH Key, with the Private Key and Public Key fields filled out, at a minimum.
+
+## Usage
+1. Download the script to a location of your choosing, ensuring it is executable
+2. run it like this: ```./ssh-copy-id.sh KEYNAME server-you-wish-to-ssh-to```
+3. You will be prompted to answer if you would like to remove all old ssh keys currently installed on the remote host. This is strongly recommended.
+
+## How it works
+This script uses the official `lastpass-cli` package to pull the public and private keys to files.  The script then uses that information to run `ssh-copy-id` to requested server, and removes the key files when the connection is closed.

ssh-copy-id.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+#Maintained by Linux Operations - Russ Long - <rlong@nabancard.com>
+
+#Set variables
+keyname=${1}
+hostname=${2}
+keyfile=$HOME/.ssh/${keyname}-$(date "+%s")
+pubkeyfile=$HOME/.ssh/${keyname}-$(date "+%s").pub
+
+#Check to see if user is logged in to lastpass cli
+if lpass status | grep -q "Logged in as"; then
+  echo "Logged in to Lastpass, continuing..."
+else
+  echo "Please login with 'lpass login email@address.com'"
+  exit 1
+fi
+
+#Fetch private key and place in /home/$user/.ssh/$keyname-datetime
+lpass show $keyname --field="Private Key" > $keyfile
+chmod 0600 $keyfile
+
+#Fetch public Key and place in /home/$user/.ssh/$keyname-datetime.pub
+lpass show $keyname --field="Public Key" > $pubkeyfile
+
+#Ask user if they wish to remove old keys
+read -r -p "Do you wish to remove ALL other ssh keys for your user on $hostname? [Y/n]" removeresponse
+removeresponse=${removeresponse,,} #tolower
+if [ -z $removeresponse ]; then
+  removeresponse="y"
+fi
+if [ $removeresponse = "y" ] || [ $removeresponse = "yes" ]; then
+  echo "ALL Old keys being removed for your user, authorized_keys file on $hostname being backed up first."
+  ssh $hostname "cp .ssh/authorized_keys{,.bak} && cat /dev/null > .ssh/authorized_keys"
+else
+  echo "Something other than Yes was entered..."
+  echo ""
+  echo "Old keys will remain in place, please audit your authorized_keys file frequently!"
+  echo ""
+  echo "You may be prompted for your key passphrase for the key to be copied."
+  echo ""
+fi
+
+#Add the key to ssh-agent
+echo "Copying id to $hostname, you may be asked to authenticate to SSH."
+ssh-copy-id -i $pubkeyfile $hostname
+
+#Remove keyfiles
+rm -f $keyfile
+rm -f $pubkeyfile