Automating SSH Key Generation for Multiple Users

Automating repetitive tasks in a Linux environment can significantly improve efficiency and reduce the risk of errors. One common task is generating SSH key pairs for multiple users, which is essential for secure access to remote servers. In this blog post, we'll explore how to automate this process using a Bash script.

Understanding SSH Key Pairs

SSH (Secure Shell) keys provide a secure way to authenticate and establish encrypted connections between devices over a network. Each SSH key pair consists of a public key and a private key. The public key is shared with remote servers, while the private key is kept securely on the user's machine.

The Bash Script

We'll create a Bash script to automate the generation of SSH key pairs for multiple users. The script will read usernames from a file, generate SSH key pairs with a passphrase, and save them in the appropriate directory.

Here's a breakdown of the script:

• Check Usernames File: The script checks if the file containing usernames exists. If not, it displays an error message and exits.

• Read Usernames: It reads usernames from the file and populates an array with them.

• Generate SSH Key Pair Function: This function generates an SSH key pair for a given user. It accepts the username and key name as parameters and uses ssh-keygen to create the keys with a passphrase.

• Main Script: It iterates over the array of usernames and calls the generate_ssh_key function for each user, passing the appropriate parameters.

Using the Script

To use the script, follow these steps:

• Create a file named usernames.txt containing the usernames, with each username on a new line.

• Set the passphrase in the script to your desired value.

• Make the script executable using chmod +x generate_ssh_keys.sh.

#!/bin/bash

# Author: Lalatendu K Swain

# Path to the file containing usernames

usernames_file="usernames.txt"

# Check if the usernames file exists

if [ ! -f "$usernames_file" ]; then

    echo "Usernames file not found: $usernames_file"

    exit 1

fi

# Array to store usernames

declare -a users=()

# Read usernames from file and populate the array

while IFS= read -r line; do

    users+=("$line")

done < "$usernames_file"

# Set the passphrase

passphrase="123456789"

# Function to generate SSH key pair with passphrase and KDF rounds

generate_ssh_key() {

    local user=$1

    local key_name=$2

    echo "Generating SSH key pair for $user"

    ssh-keygen -t ed25519 -a 100 -C "Login to Prod Server from $user SYSTEM" -N "$passphrase" -f ~/.ssh/$key_name

    if [ $? -ne 0 ]; then

        echo "Failed to generate key for $user"

    else

        echo "Key generated successfully for $user"

    fi

}

# Main script

for user in "${users[@]}"; do

    key_name="${user}_ed25519_key"

    generate_ssh_key "$user" "$key_name"

done

• Run the script using ./generate_ssh_keys.sh.

Conclusion

Automating the generation of SSH key pairs for multiple users streamlines the process and ensures consistency across systems. By using a Bash script, we can easily manage this task in a Linux environment. This approach not only saves time but also reduces the potential for human error, contributing to a more secure and efficient workflow.

https://github.com/Lalatenduswain/automate-the-generation-of-SSH-key-pairs