Create self-contained SSH key scripts

Sep 12, '07 07:30:04AM

Contributed by: Anonymous

I was playing around with making SSH access to a remote machine as easy as possible for my other half. Initially, I generated a key pair using ssh-keygen and installed the public key on the server as usual, put the private key in a folder with a .command (double-clickable shell script for Finder) script like the following:

#!/bin/bash
# chimpy.command - Logs user bob into chimpy using private
# key bob.dsa

ssh -i ./bob.dsa bob@chimpy.sampsa.com
Alas, that did not work as the .command file sets the current working directory to the user's home directory, not the directory it was executed from. Annoying. But then I realized that as the key is actually a text file, so why not make the key itself an executable script?

Luckily SSH is clever enough to ignore any superfluous text in the key file, so I renamed the bob.dsa key file to chimpy.command, and made it look like the following:

#!/bin/bash
# chimpy.command - Logs user bob into chimpy using private 
# key included in this file

ssh bob@chimpy.sampsa.com -i $0
exit

-----BEGIN RSA PRIVATE KEY-----
jXtyd8SY9+SPTtShJsTy8Ora21YJXT7SxZKyB7bFInDjOgD1B3n+FE8yjMBjCJ/yIN
HYb8fstlzoEcAqPPAuYWfsRBg7RM245GDJ3usSfSCfxMdk4kybGh9FXq51ddELZ4
352ne5AKBQuxy3XsoYnRsxHgg1jzbOlTJRUcojUK/t......
-----END RSA PRIVATE KEY-----
And it worked! I thought this is really quite cool, a single text file that you can move around and use to gain secured remote access to another machine.

[robg adds: This post originally appeared on the author's blog, and he granted permission to reproduce it in full here on macosxhints.com.]

Comments (11)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20070912062816694