Install public key via ssh-copy-id for other users

ssh-copy-id can be used to install your public key in a remote machine's authorized_keys. Could the same command be used to install other users' public keys, if you have sudo ability?

Update: both local and remote are using Ubuntu 12.04.

Update 2: describing the procedure of creating a new user account and adding public key

(remote) Create a new user account, and set it to user public key access only.
(local) Generate a public key for the new user account (ssh-keygen).
Normally I do is to create the directory and file .ssh/authorized_keys on the remote server, then copy and paste the public key generated locally to the new user's account. What I am looking for is that if I can use ssh-copy-id to install this newly created user's public key directly into the ssh directory. Just to save a couple more commands.

realguess

Posted 2013-06-03T19:56:22.157

Reputation: 373

Answers

Not the same command but if you have sudo on the remote host, you can use ssh to remotely do the required steps. I use the following command to push my ssh key to my raspberry's root user:

cat ~/.ssh/id_rsa.pub | \
  ssh pi@192.168.1.25 \
  "sudo mkdir /root/.ssh; sudo tee -a /root/.ssh/authorized_keys"

cats my bublic key
pipes it to ssh
ssh connects to my raspberry as ssh user
on remote uses sudo to create /root/.ssh
then uses sudo with "tee -a" to append stdin (which holds the key from first cat) to /root/.ssh/authorized_keys

Just put this stuff together as a script, maybe add some chmod/chown on the remote side and you have what you need.

Michael Wyraz

Posted 2013-06-03T19:56:22.157

Reputation: 231

Beautiful and thank you for the command breakdown. – Blake Frederick – 2019-10-10T22:11:46.620

Yes :), If you, for example, are logged as ghost@ubuntu and you

ssh-copy-id root@host-ip

Than you will see, on host server in /root/.ssh/authorized_keys file key ending with ghost@ubuntu.
That means that ghost user has copied his key pair and doesn't have to type in password anymore.
I'm not sure it will work with -u <username> flag now, but you can always log as different user with

su <user_name>

and then ssh-copy-id ...

mirkobrankovic

Posted 2013-06-03T19:56:22.157

Reputation: 936

getting exec sh -c 'cd ; umask 077 ; mkdir -p .ssh && { [ -z tail -1c .ssh/authorized_keys 2>/dev/null ] || echo >> .ssh/authorized_keys ; } && cat >> .ssh/authorized_keys || exit 1 ; if type restorecon >/dev/null 2>&1 ; then restorecon -F .ssh .ssh/authorized_keys ; fi' this error. – prasshant – 2019-03-28T05:12:16.930

1Will the key be installed on /root/.ssh/authorized_keys instead of /home/ghost/.ssh/authorized_keys? I just updated the procedure I am doing currently to install a public key for a new user. Just looking for a better method. Thanks! – realguess – 2013-06-04T14:11:23.683

The key will be installed in the home of the user you are connecting to remotely. You can use the -i option of ssh-copy-id to specify which key you want to copy, but you can't copy it to another directory with the normal ssh-copy-id. – user2313067 – 2013-06-04T18:22:03.910

you can specify as which user you will copy the key, if you want to log as root than ssh-copy-id root@host-ip, if you want as ghost than ssh-copy-id ghost@host-ip – mirkobrankovic – 2013-06-05T07:37:13.987

1The system was set up to permit log in by public key only. Since the user ghost was newly created, there is no public key available to the user. That's why need to install the public key for the user first, then ssh-copy-id ghost@host-ip will work. But thanks, I think a few extra commands on the remote server will not be a big deal. – realguess – 2013-06-05T16:13:31.723

yes, first need to generate pub. key localy and than ssh-copi-id to remote server – mirkobrankovic – 2013-06-06T06:33:17.380