mietzen · October 16, 2022 14:23 · mietzen · Oct 16, 2022
diff --git a/change_ssh_pub_key.sh b/change_ssh_pub_key.sh
 #!/bin/bash -xe
 NEW_PUB_KEY="$HOME/.ssh/id_ed25519.pub"
 OLD_PUB_KEY="$HOME/.ssh/id_rsa.pub"
 NEW_PUB_KEY_STR=$(cat ${NEW_PUB_KEY})
 OLD_PUB_KEY_STR=$(cat ${OLD_PUB_KEY} | cut -d' ' -f2)

 for IP in $(cat ip-list-ssh.txt); do
    # Backup authorized_keys
    ssh ${USER}@${IP} "cp ~/.ssh/authorized_keys{,.bak}"
    # Add new key to authorized_keys
    ssh ${USER}@${IP} "echo ${NEW_PUB_KEY_STR} >> ~/.ssh/authorized_keys"
    # Test new key
    if ssh -o IdentitiesOnly=yes -i ${NEW_PUB_KEY} ${USER}@${IP} 'exit'; then
        # Remove old key (with or without comments)
        ssh ${USER}@${IP} "grep -v '${OLD_PUB_KEY_STR}' ~/.ssh/authorized_keys > /tmp/authorized_keys"
        ssh ${USER}@${IP} "mv /tmp/authorized_keys ~/.ssh/authorized_keys"
    else
        echo "FAILED: ${USER}@${IP}"
        ssh ${USER}@${IP} "mv ~/.ssh/authorized_keys{.bak,}"
    fi
 done
	#!/bin/bash -xe
	NEW_PUB_KEY="$HOME/.ssh/id_ed25519.pub"
	OLD_PUB_KEY="$HOME/.ssh/id_rsa.pub"
	NEW_PUB_KEY_STR=$(cat ${NEW_PUB_KEY})
	OLD_PUB_KEY_STR=$(cat ${OLD_PUB_KEY} \| cut -d' ' -f2)

	for IP in $(cat ip-list-ssh.txt); do
	# Backup authorized_keys
	ssh ${USER}@${IP} "cp ~/.ssh/authorized_keys{,.bak}"
	# Add new key to authorized_keys
	ssh ${USER}@${IP} "echo ${NEW_PUB_KEY_STR} >> ~/.ssh/authorized_keys"
	# Test new key
	if ssh -o IdentitiesOnly=yes -i ${NEW_PUB_KEY} ${USER}@${IP} 'exit'; then
	# Remove old key (with or without comments)
	ssh ${USER}@${IP} "grep -v '${OLD_PUB_KEY_STR}' ~/.ssh/authorized_keys > /tmp/authorized_keys"
	ssh ${USER}@${IP} "mv /tmp/authorized_keys ~/.ssh/authorized_keys"
	else
	echo "FAILED: ${USER}@${IP}"
	ssh ${USER}@${IP} "mv ~/.ssh/authorized_keys{.bak,}"
	fi
	done