routeros-scripts/doc/mod/ssh-keys-import.md
2024-01-30 00:31:36 +01:00

66 lines
1.9 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Import ssh keys for public key authentication
=============================================
[⬅️ Go back to main README](../../README.md)
> **Info**: This module can not be used on its own but requires the base
> installation. See [main README](../../README.md) for details.
Description
-----------
RouterOS supports ssh login with public key authentication. The functions
in this module help importing the keys.
Requirements and installation
-----------------------------
Just install the module:
$ScriptInstallUpdate mod/ssh-keys-import;
Usage and invocation
--------------------
### Import single key from terminal
Call the function `$SSHKeysImport` with key and user as parameter to
import that key:
$SSHKeysImport "ssh-rsa AAAAB3Nza...QYZk8= user" admin;
Starting with RouterOS *7.12beta1* support for keys of type `ed25519` has
been added:
$SSHKeysImport "ssh-ed25519 AAAAC3Nza...ZVugJT user" admin;
The third part of the key (`user` in this example) is inherited as
`key-owner` in RouterOS. Also the `MD5` fingerprint is recorded, this helps
to audit and verify the available keys.
> **Info**: Use `ssh-keygen` to show a fingerprint of an existing public
> key file: `ssh-keygen -l -E md5 -f ~/.ssh/id_ed25519.pub`
### Import several keys from file
The functions `$SSHKeysImportFile` can read an `authorized_keys`-style file
and import all the keys. The user given to the function can be overwritting
from comments in the file. Create a file `keys.pub` with this content:
```
ssh-ed25519 AAAAC3Nza...3OcN8A user@client
ssh-rsa AAAAB3Nza...ozyts= worker@station
# user=example
ssh-rsa AAAAB3Nza...GXQVk= person@host
```
Then import it with:
$SSHKeysImportFile keys.pub admin;
This will import the first two keys for user `admin` (as given to function)
and the third one for user `example` (as defined in comment).
---
[⬅️ Go back to main README](../../README.md)
[⬆️ Go back to top](#top)