Most of the software projects that we see at Stack Builders have a
couple of things in common: they use GitHub to manage access to source
code, and they deploy to Linux servers. Developers are granted
permission to access the servers by adding ther SSH public keys to
~/.ssh/authorized_keys.
How much simpler can we make this process? For a long time, GitHub has exposed users' public keys via an API endpoint. Why not use these keys to automatically grant GitHub users on your team permission to log in to your Linux servers?
It turns out that a configuration option, AuthorizedKeysCommand, was
recently added to the OpenSSH daemon. The
idea of this configuration option is that you simply
point the ssh daemon to an executable on your system, and the valid
public keys for a given user will be read from the output of the
command.
So far, it looks like the open-source uses of this command are restricted to pulling keys from LDAP. We decided to roll our own integration between GitHub and OpenSSH, and we have it in use on some test servers internally. Voilà! Changing permissions on an entire server cluster is simply a matter of adding or removing a GitHub user from a team.
Of course, using this means that your servers are only as secure as
your GitHub account, and GitHub's own security mechanisms for keeping
your account safe (we'd suggest at least enforcing
two-factor authentication on GitHub
if you use this approach seriously, since by using this, anyone who
can manage your GitHub teams can log in to your servers by simply
adding their GitHub account to your team). If you're willing to accept
that risk, consider giving openssh-github-keys a shot.
You can find more detailed usage instructions in the project GitHub repo, and the published package on Hackage (of course, we wrote it in Haskell!).
Ready to give it a try? Let us know how it works in the comments on
this page, or
open an issue on the openssh-github-keys tracker if you have any problems.
