Rotation Of SSH Keys from Central Server
I have already written a script to handle this, but am always looking to improve. The dependencies of my script are that ssh-keygen and ssh-copy-id are installed.
Assumption: key auth is already set up.
1. Generate an ssh-key with a comment of today's date.
2. ssh-copy-id the new key to a server.
3. Run sed over ssh on the server where the key was just copied, removing the line containing the string of the previous month's date from the authorized_keys file.
4. Overwrite the old key file with the newly generated key file.
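# DATE, OLDKEY (the previous month's date string), USER and DESTINATION must be set before this point.
# Remove any leftover temporary key so ssh-keygen does not prompt to overwrite it.
if [ -f /tmp/id_rsa_temp ]; then
    rm -f /tmp/id_rsa_temp
fi
# Generate the new key pair, tagged with today's date in the comment.
ssh-keygen -b 2048 -C "KEY REFRESHED - $DATE" -t rsa -f /tmp/id_rsa_temp -N ''
# Install the new public key on the server (this login still uses the current key).
ssh-copy-id -i /tmp/id_rsa_temp.pub "$USER@$DESTINATION"
# Overwrite the old key pair with the new one.
cp /tmp/id_rsa_temp ~/.ssh/id_rsa
cp /tmp/id_rsa_temp.pub ~/.ssh/id_rsa.pub
chmod 600 ~/.ssh/id_rsa.pub
chmod 600 ~/.ssh/id_rsa
# Log in with the new key and delete the line carrying the previous month's date.
ssh "$USER@$DESTINATION" "sed -i '/$OLDKEY/d' .ssh/authorized_keys"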
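
Added example, not part of the original post: step 3 deletes every authorized_keys line that contains the old date string, which also removes unrelated keys whose comment happens to contain that date. The function below instead removes only the line whose key blob matches the old public key; `prune_old_key`, `demo_prune` and the key blobs are hypothetical names and constructed sample data.

```shell
# prune_old_key <old_pubkey_file> <authorized_keys_file>   (hypothetical helper)
# Removes only the entry whose key material equals that of the old public key.
prune_old_key() {
    pk_old=$1
    pk_auth=$2
    # A public key line is "type blob comment"; field 2 is the key material.
    pk_blob=$(awk '{print $2; exit}' "$pk_old")
    [ -n "$pk_blob" ] || return 1
    # Write the result beside the target so the final mv is a same-directory rename.
    pk_tmp=$(mktemp "${pk_auth}.XXXXXX") || return 1
    # Drop a line only if one whole field equals the blob. This also covers
    # entries that carry an options prefix such as from="...".
    awk -v b="$pk_blob" '{ for (i = 1; i <= NF; i++) if ($i == b) next; print }' \
        "$pk_auth" > "$pk_tmp" || { rm -f "$pk_tmp"; return 1; }
    chmod 600 "$pk_tmp" && mv "$pk_tmp" "$pk_auth"
}

# Runs prune_old_key on constructed sample data and prints the surviving lines.
demo_prune() {
    d=$(mktemp -d) || return 1
    # Constructed sample keys: the blobs are fake and for illustration only.
    echo 'ssh-rsa AAAAB3OLDKEYBLOB KEY REFRESHED - 2024-05-01' > "$d/old.pub"
    cat > "$d/authorized_keys" <<'EOF'
ssh-rsa AAAAB3OLDKEYBLOB KEY REFRESHED - 2024-05-01
ssh-rsa AAAAB3NEWKEYBLOB KEY REFRESHED - 2024-06-01
from="10.0.0.5" ssh-ed25519 AAAAC3OTHERBLOB backup job added 2024-05-01
EOF
    prune_old_key "$d/old.pub" "$d/authorized_keys" || return 1
    cat "$d/authorized_keys"
    rm -rf "$d"
}
```

In the sample, the third entry's comment contains the same date as the old key, so a date-based `sed` delete would have removed it as well; matching on the blob leaves it in place.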