Knowledge Base

Preserving for the future: Shell scripts, AoC, and more

Add SSH key to FreeIPA user

It is easy to set the ssh key for a FreeIPA user.

ipa user-mod ${USER} --sshpubkey="$( cat ~/.ssh/id_rsa.pub )"

It's also easy to set two ssh keys for a user.

ipa user-mod ${USER} --sshpubkey="$( cat ~/.ssh/id_rsa.pub )" --sshpubkey="$( cat ~/.ssh/second_rsa.pub )"

Each of the commands above replaces the user's whole key list: the key(s) given become the only ones stored in the domain for that user, and any that were already there are removed. To add a public key while leaving the old ones in place, use a one-liner.

eval ipa user-mod ${USER} $( ipa user-show ${USER} --all | awk '/SSH public key:/{$1="";$2="";$3="";print}' | sed -r -e 's/ *, */\n/g;' -e 's/^\s*//g;' | while read line ; do printf '%s ' "--sshpubkey='${line}'" ; done ; ) --sshpubkey="'$( cat ~/.ssh/id_rsa.pub )'"

One could also choose to parse the output of sss_ssh_authorizedkeys but I wrote this one first!
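The same append operation without eval, as an added example that is not part of the original post: each existing key is passed to ipa user-mod as its own argument, so a quote or shell metacharacter in a key comment is never re-parsed by the shell. The function names existing_keys and add_sshpubkey are hypothetical, and the parsing assumes the "SSH public key:" line format that the one-liner above relies on.

```sh
#!/bin/sh
# Added example (not from the original post): append an SSH public key to a
# FreeIPA user without eval. Function names here are hypothetical.

# Read `ipa user-show USER --all` output on stdin and print each stored key on
# its own line. Assumes the comma-separated "SSH public key:" line that the
# post's one-liner parses; a comma inside a key comment would be mis-split.
existing_keys() {
    awk '/^ *SSH public key:/ {
        sub(/^ *SSH public key: */, "")
        n = split($0, k, / *, */)
        for (i = 1; i <= n; i++) if (k[i] != "") print k[i]
    }'
}

# add_sshpubkey USER PUBKEY_FILE
add_sshpubkey() {
    ask_user=$1
    ask_new=$(cat "$2") || return 1
    [ -n "$ask_new" ] || { echo "empty key file: $2" >&2; return 1; }
    ask_show=$(ipa user-show "$ask_user" --all) || return 1

    # Build the argument list in the positional parameters: each key is one
    # argument and is never re-parsed as shell code.
    set -- user-mod "$ask_user"
    while IFS= read -r ask_key; do
        [ -n "$ask_key" ] || continue
        # Skip a copy of the key being added so it is not sent twice.
        if [ "$ask_key" = "$ask_new" ]; then continue; fi
        set -- "$@" "--sshpubkey=$ask_key"
    done <<EOF
$(printf '%s\n' "$ask_show" | existing_keys)
EOF
    set -- "$@" "--sshpubkey=$ask_new"
    ipa "$@"
}

# Usage: add_sshpubkey "$USER" ~/.ssh/id_rsa.pub
```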
