Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yeah, at our company things are done in the reverse of that script: the user generates their SSH keys, and there's a process they use to register the public key with the rest of the system.


I sometimes use GitHub for this. A developer's most up to date keychain is probably their GitHub account, so granting them access is as simple as

    curl -Ls github.com/turbo.keys >> ~/.ssh/authorized_keys
Simplified of course. A script is usually used to revoke that access shortly after. Plus 2FA SSH.


Gitlab also has a keys URL, but I can’t say if it’s available for unauthorized clients from the top of my head (currently on mobile). For me it’s usually the fastest way to authorize other team members.


I had no idea about github.com/$USER.keys. That's handy as hell.


Huh, never occurred to me to do it this way.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: