tedivm/authorized_keys_command.sh

## authorized_keys_command.sh
#!/usr/bin/env bash

# Explicit "allow" list in case Github users overlap with system users
ALLOWED_USERS="tedivm"
KEY_URL="https://github.com/${1}.keys"

if [[ -z $1 ]]; then
  >&2 echo "Username required."
  exit 1
fi

if [[ ! " $ALLOWED_USERS " =~ .*\ $1\ .* ]]; then
  >&2 echo "User not in allowed list."
  exit 1
fi

TMP_AUTHORIZED_KEYS=$(mktemp)
HTTP_STATUS=$(curl -m 5 -s -o $TMP_AUTHORIZED_KEYS -w "%{http_code}" $KEY_URL)
PUBLIC_KEYS=$(cat $TMP_AUTHORIZED_KEYS)
rm $TMP_AUTHORIZED_KEYS

if [ $HTTP_STATUS != "200" ]; then
  >&2 echo "Pulling keys from Github failed with status code ${HTTP_STATUS}"
  exit 1
else
  echo "$PUBLIC_KEYS" > ~/.ssh/authorized_keys2
  cat ~/.ssh/authorized_keys2
fi
	#!/usr/bin/env bash

	# Explicit "allow" list in case Github users overlap with system users
	ALLOWED_USERS="tedivm"
	KEY_URL="https://github.com/${1}.keys"

	if [[ -z $1 ]]; then
	>&2 echo "Username required."
	exit 1
	fi

	if [[ ! " $ALLOWED_USERS " =~ .\ $1\ . ]]; then
	>&2 echo "User not in allowed list."
	exit 1
	fi

	TMP_AUTHORIZED_KEYS=$(mktemp)
	HTTP_STATUS=$(curl -m 5 -s -o $TMP_AUTHORIZED_KEYS -w "%{http_code}" $KEY_URL)
	PUBLIC_KEYS=$(cat $TMP_AUTHORIZED_KEYS)
	rm $TMP_AUTHORIZED_KEYS

	if [ $HTTP_STATUS != "200" ]; then
	>&2 echo "Pulling keys from Github failed with status code ${HTTP_STATUS}"
	exit 1
	else
	echo "$PUBLIC_KEYS" > ~/.ssh/authorized_keys2
	cat ~/.ssh/authorized_keys2
	fi