Last active
January 18, 2026 21:56
-
-
Save kmassada/81938de78714eb4f9166 to your computer and use it in GitHub Desktop.
Quick setup for ssh, and ssh config file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Default Values | |
| SSH_USER=$(whoami) | |
| SSH_HOST="" | |
| KEY_MODE="generate_rsa" | |
| KEY_PATH_BASE="$HOME/.ssh" | |
| SSH_PORT=22 | |
| COPY_TO_CLIPBOARD=false | |
| PUSH_TO_REMOTE="" | |
| usage() { | |
| echo "Usage: $0 --host <host> [--user <user>] [--mode <mode>] [--path <path>]" | |
| echo "" | |
| echo "Options:" | |
| echo " -h, --host Target host (Required. e.g., github.com)" | |
| echo " -u, --user SSH user (Defaults to current user)" | |
| echo " -m, --mode Mode: generate_rsa (default), generate_hardware_key, pull_from_gcloud" | |
| echo " -p, --path Base directory for keys (Defaults to ~/.ssh)" | |
| echo " -c, --clip Copy public key to macOS clipboard (pbcopy)" | |
| echo " --push <dest> Push public key to remote host (e.g., --push admin@10.0.0.5)" | |
| exit 1 | |
| } | |
| # Parse Arguments | |
| while [[ $# -gt 0 ]]; do | |
| case $1 in | |
| -h|--host) SSH_HOST="$2"; shift 2 ;; | |
| -u|--user) SSH_USER="$2"; shift 2 ;; | |
| -m|--mode) KEY_MODE="$2"; shift 2 ;; | |
| -p|--path) KEY_PATH_BASE="$2"; shift 2 ;; | |
| -c|--clip) COPY_TO_CLIPBOARD=true; shift ;; | |
| --push) PUSH_TO_REMOTE="$2"; shift 2 ;; | |
| *) usage ;; | |
| esac | |
| done | |
| # Validation | |
| if [[ -z "$SSH_HOST" ]]; then | |
| echo "β Error: Host is required." | |
| usage | |
| fi | |
| KEY_FILE="$KEY_PATH_BASE/$SSH_USER@$SSH_HOST" | |
| # --- 1. Environment Setup --- | |
| mkdir -p "$KEY_PATH_BASE" | |
| chmod 700 "$KEY_PATH_BASE" | |
| touch "$KEY_PATH_BASE/authorized_keys" | |
| chmod 600 "$KEY_PATH_BASE/authorized_keys" | |
| # --- 2. Key Acquisition --- | |
| if [[ -f "$KEY_FILE" ]]; then | |
| echo "βΉοΈ Key already exists at $KEY_FILE. Skipping generation." | |
| else | |
| case $KEY_MODE in | |
| "generate_rsa") | |
| echo "π Generating RSA 4096 key..." | |
| ssh-keygen -t rsa -b 4096 -f "$KEY_FILE" -P '' | |
| ;; | |
| "generate_hardware_key") | |
| echo "π Generating ECDSA-SK hardware key..." | |
| ssh-keygen -t ecdsa-sk -f "$KEY_FILE" -P '' | |
| ;; | |
| "pull_from_gcloud") | |
| SECRET_NAME=$(echo "$SSH_HOST" | tr . -) | |
| echo "βοΈ Pulling secret [$SECRET_NAME] from GCloud..." | |
| gcloud secrets versions access latest --secret="$SECRET_NAME" > "$KEY_FILE" | |
| ;; | |
| *) | |
| echo "β Invalid mode: $KEY_MODE" | |
| exit 1 | |
| ;; | |
| esac | |
| fi | |
| # --- 3. Permissions & Config --- | |
| chmod 600 "$KEY_FILE" | |
| if ! grep -q "Host $SSH_HOST" "$KEY_PATH_BASE/config"; then | |
| echo "π Updating SSH config..." | |
| cat >> "$KEY_PATH_BASE/config" << EOF | |
| Host $SSH_HOST | |
| HostName $SSH_HOST | |
| User $SSH_USER | |
| IdentityFile $KEY_FILE | |
| Port $SSH_PORT | |
| EOF | |
| chmod 600 "$KEY_PATH_BASE/config" | |
| echo "β Success! Configured $SSH_HOST with $KEY_FILE" | |
| else | |
| echo "βΉοΈ Host $SSH_HOST already exists in config. Skipping update." | |
| fi | |
| # --- 4. Export Actions --- | |
| # Copy to Clipboard | |
| if [ "$COPY_TO_CLIPBOARD" = true ]; then | |
| if command -v pbcopy > /dev/null; then | |
| cat "${KEY_FILE}.pub" | pbcopy | |
| echo "π Public key copied to clipboard (pbcopy)." | |
| else | |
| echo "β οΈ pbcopy not found, skipping clipboard." | |
| fi | |
| fi | |
| # Push to Remote | |
| if [ -n "$PUSH_TO_REMOTE" ]; then | |
| echo "π Pushing public key to $PUSH_TO_REMOTE..." | |
| ssh-copy-id -i "${KEY_FILE}.pub" "$PUSH_TO_REMOTE" | |
| fi | |
| echo "β Done. Key: $KEY_FILE" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment