"ssh setup" feature
We came up with a neat feature idea at PyCon: using magic-wormhole to set up SSH pubkeys.
The use case is that Alice owns a computer, and wants to give Bob SSH access to it. Either Alice is root on the host and she’s setting up a new account for Bob, or Alice is a normal user (logged in already) and is trying to add her own pubkey.
Alice runs something like wormhole add-ssh, maybe as wormhole add-ssh --user=bob. Then Bob runs wormhole send-ssh. The add-ssh command generates and displays a wormhole code. The send-ssh command looks in ~/.ssh/, finds your pubkeys, and asks you which one you want to send, then accepts the wormhole code, and sends the pubkey. When add-ssh receives the pubkey, it appends it to ~/.ssh/authorized_keys of the given user account.
Top GitHub Comments
This feature is in magic-wormhole 0.10.5 but I don’t see it in the docs anywhere. Am I missing it, or could some documentation be added?
https://magic-wormhole.readthedocs.io/en/latest/search.html?q=ssh&check_keywords=yes&area=default
I have to say I really don’t like this “wormhole adduser” proposal. It seems in violation of a lot of unix-y principles I hold dear, and I would certainly never use such a feature. I really don’t think wormhole should get in the business of creating user accounts on systems, or do anything that would require superuser privileges for that matter.
I think all an ssh feature should do is just send a specified pubkey, and then receive a pubkey and append it to the authorized_keys file of the user calling it. So something like this would be most intuitive to me:
wormhole ssh send [~/.ssh/id_rsa.pub]
where you can optionally specify the pubkey file (~/.ssh/id_rsa.pub otherwise), and
wormhole ssh receive [~/.ssh/authorized_keys]
where you can optionally specify the authorized_keys file to which the received key is appended (~/.ssh/authorized_keys otherwise). It should probably be smart enough to not double add the same key for the same host.
That would very naturally cover the most common use cases in the most intuitive manner. If wormhole did anything beyond this it would be extremely unexpected imho.
If you want to add a key to a different user then why not just:
sudo -u otheruser wormhole ssh receive
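The receive side proposed in the comment above (append to the caller's authorized_keys, skip a key that is already present), as an added Python example that is not magic-wormhole's own code; parse_pubkey, add_key, the key-type allowlist and the constructed sample key are assumptions made for illustration. It also refuses lines that carry authorized_keys options or embedded newlines, since the received text is chosen by the sender.

```python
import base64, os, struct, tempfile

# Assumed allowlist of bare key types accepted from the peer.
ALLOWED = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
           "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def parse_pubkey(text):
    """Validate one OpenSSH public key line; return (keytype, b64, comment)."""
    text = text.strip()
    if "\n" in text or "\r" in text:
        raise ValueError("expected exactly one key line")
    fields = text.split()
    if len(fields) < 2 or fields[0] not in ALLOWED:
        raise ValueError("not a bare public key line (options are refused)")
    keytype, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)  # binascii.Error is a ValueError
    # The blob begins with a length-prefixed copy of the key type name.
    if len(blob) < 4 or blob[4:4 + struct.unpack(">I", blob[:4])[0]] != keytype.encode():
        raise ValueError("key type does not match key blob")
    return keytype, b64, " ".join(fields[2:])

def add_key(received, path):
    """Append the received key to path; return False if it is already there."""
    keytype, b64, comment = parse_pubkey(received)
    os.makedirs(os.path.dirname(os.path.abspath(path)), mode=0o700, exist_ok=True)
    fd = os.open(path, os.O_RDWR | os.O_CREAT, 0o600)  # a new file is owner-only
    with os.fdopen(fd, "r+") as f:
        existing = f.read()
        # Compare key material only, so a changed comment is not a new key.
        if any(b64 in line.split() for line in existing.splitlines()):
            return False
        f.seek(0, os.SEEK_END)
        if existing and not existing.endswith("\n"):
            f.write("\n")
        f.write(f"{keytype} {b64} {comment}".rstrip() + "\n")
    return True

def constructed_key(comment="bob@laptop"):
    """Constructed sample: well-formed ed25519 blob with an all-zero key."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment

if __name__ == "__main__":
    target = os.path.join(tempfile.mkdtemp(), ".ssh", "authorized_keys")
    print(add_key(constructed_key(), target))           # first receive
    print(add_key(constructed_key("renamed"), target))  # same key, new comment
```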