1.9 KiB
Import ssh keys for public key authentication
ℹ️️ Info: This module can not be used on its own but requires the base installation. See main README for details.
Description
RouterOS supports ssh login with public key authentication. The functions in this module help importing the keys.
Requirements and installation
Just install the module:
$ScriptInstallUpdate mod/ssh-keys-import;
Usage and invocation
Import single key from terminal
Call the function $SSHKeysImport
with key and user as parameter to
import that key:
$SSHKeysImport "ssh-rsa AAAAB3Nza...QYZk8= user" admin;
Starting with RouterOS 7.12beta1 support for keys of type ed25519
has
been added:
$SSHKeysImport "ssh-ed25519 AAAAC3Nza...ZVugJT user" admin;
The third part of the key (user
in this example) is inherited as
key-owner
in RouterOS. Also the MD5
fingerprint is recorded, this helps
to audit and verify the available keys.
ℹ️️ Info: Use
ssh-keygen
to show a fingerprint of an existing public key file:ssh-keygen -l -E md5 -f ~/.ssh/id_ed25519.pub
Import several keys from file
The functions $SSHKeysImportFile
can read an authorized_keys
-style file
and import all the keys. The user given to the function can be overwritting
from comments in the file. Create a file keys.pub
with this content:
ssh-ed25519 AAAAC3Nza...3OcN8A user@client
ssh-rsa AAAAB3Nza...ozyts= worker@station
# user=example
ssh-rsa AAAAB3Nza...GXQVk= person@host
Then import it with:
$SSHKeysImportFile keys.pub admin;
This will import the first two keys for user admin
(as given to function)
and the third one for user example
(as defined in comment).