The Rub

Automatically Simple Since 2002

Generate gitolite Key Directory from Existing authorized_keys Files

04 November 2011

One thing that Gitolite leaves to the administrator is SSH key management. However, all of the tools are available to automate key management if there is an existing key infrastructure.

In this case, SSH keys already existed on an NFS-backed shared home directory. The following is a script to traverse the home directory for public keys and add them to gitolite.

#!/bin/sh

# Script to generate a gitolite style key directory from existing
# authorized_keys files. Supports multiple key files.
#
# IN: /home/*/.ssh/authorized_keys files
# OUT:
#     keydir/
#     keydir/user1
#     keydir/user1/1/user1.pub
#     keydir/user1/2/user1.pub
#     keydir/user1/3/user1.pub
#     keydir/user1/4/user1.pub
#     keydir/user2
#     keydir/user2/1/user2.pub
#     keydir/user3
#     keydir/user3/1/user3.pub
#     keydir/user3/2/user3.pub
#
# TODO:
#   - If a .ssh directory is not readable, it will be silently ignored.

# Stop if the working copy cannot be updated
git pull || exit 1

keydir=keydir
rm -rf "${keydir}"
for file in /home/*/.ssh/authorized_keys; do
    # An unmatched glob is left as a literal pattern; skip it
    [ -r "${file}" ] || continue
    count=1
    user=$(echo "${file}" | cut -d / -f 3)
    sort -u "${file}" | while read -r line; do

        # Skip lines that do not begin with "ssh-": blank lines, comments,
        # entries prefixed with options, and key types such as ecdsa-sha2-*
        case "${line}" in
            ssh-*) ;;
            *) continue ;;
        esac

        # Add the keys
        mkdir -p "${keydir}/${user}/${count}"
        printf '%s\n' "${line}" > "${keydir}/${user}/${count}/${user}.pub"
        count=$((count + 1))
    done
done

git add keydir
git commit -a -m "Update keydir" && git push
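
On a shared home directory, the same public key can end up in more than one user's authorized_keys file, and sshd authenticates a key against the first matching entry, so a shared key can only ever identify one gitolite user. The following check is an added example, not part of the original script: it scans a generated keydir for key blobs that appear under more than one user. The function names `find_shared_keys` and `make_sample_keydir` and the sample key blobs are constructed for illustration.

```shell
#!/bin/sh
# Added example: report key blobs that appear under more than one user in a
# generated keydir (layout: keydir/<user>/<n>/<user>.pub).

# find_shared_keys KEYDIR
# Prints one line per shared key: "<user> <user> ...: ...<last 8 chars of blob>"
find_shared_keys() {
    find "$1" -type f -name '*.pub' | while IFS= read -r pub; do
        user=$(basename "$pub" .pub)
        # Field 2 of a public key line is the base64 key blob; the trailing
        # comment is ignored so relabelled copies of a key still match.
        awk -v u="$user" 'NF >= 2 { print $2, u }' "$pub"
    done | sort -u | awk '
        { users[$1] = users[$1] " " $2; n[$1]++ }
        END {
            for (k in n)
                if (n[k] > 1)
                    print substr(users[k], 2) ": ..." substr(k, length(k) - 7)
        }
    ' | sort
}

# Constructed sample keydir (blobs are placeholders, not real keys).
make_sample_keydir() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/alice/1" "$d/alice/2" "$d/bob/1" "$d/carol/1"
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTED0001 alice@laptop' \
        > "$d/alice/1/alice.pub"
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTED0002 alice@desk' \
        > "$d/alice/2/alice.pub"
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTED0001 copied-key' \
        > "$d/bob/1/bob.pub"
    echo 'ssh-dss AAAAB3NzaC1kc3MAAACBAPLACECONSTRUCTED0003 carol@host' \
        > "$d/carol/1/carol.pub"
    echo "$d"
}

sample=$(make_sample_keydir)
shared=$(find_shared_keys "$sample")
if [ -n "$shared" ]; then
    echo "keys present under more than one user:"
    echo "$shared"
fi
rm -rf "$sample"
```

Run it against the generated keydir before `git add keydir` and resolve any reported key by hand.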