by robinricard on 6/16/14, 11:44 AM
I use it to set user access to my company's servers with ansible automatically. I just have to set a list of github usernames and it generates a list of users with their ssh key access setup !
by kentwistle on 6/16/14, 11:27 AM
Found out about this today, you can prepend any GitHub username with .keys to fetch their public keys.
by intull on 6/16/14, 1:24 PM
Is this supposed to be okay? I mean, even though they are public keys, its not like I really want them to be _that_ public!
by mixologic on 6/16/14, 2:23 PM
Seems like this would be a good way to frame somebody else. Hack into a server, do some damage/steal files, and drop
somebody elses public key on the server.
"But I didnt do it!" - Then why was your key on the server?
by rlpb on 6/16/14, 5:00 PM
Something similar has been available on Launchpad for years. There's a tool called "ssh-import-id". If I want to give you access to an Ubuntu server, I might type "ssh-import-id kentwistle". This would fetch public keys that the kentwistle user on Launchpad has published over HTTPS and then add them to ~/.ssh/authorized_keys.
I don't think there's any reason that ssh-import-id needs to be Launchpad-specific.
by akerl_ on 6/16/14, 11:48 AM
It's worth noting that this shows only "verified" keys, which are keys that have been added to the account and used at least once.
by lloeki on 6/16/14, 5:37 PM
Github leverages such content-type negotiation for other resources too: add .diff or .patch to commits or pull requests. There's a way to get git am compatible data too.
by drunken_thor on 6/16/14, 1:01 PM
I am glad my email doesn't show up in there.