SSH密钥登录管理脚本

闲来无事写了一个脚本用来一键管理ssh密钥登录,可以完成以下功能

1.创建ssh密钥

2.添加自己的密钥

3.列出所有密钥

4.删除指定密钥

5.关闭密码登录

6.修改ssh端口

 

以下是脚本内容。给脚本加上执行权限(chmod +x 脚本文件)后直接运行即可,适用于大部分 Linux 操作系统。

注意:在 Debian 12 或 Ubuntu 24 这类较新的操作系统上,一定要选择 ed25519,否则密钥会添加不进去,因为这些系统使用的都是 OpenSSH 8.0 以上的版本。

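OpenSSH 8.3 开始,RSA Key 登录默认被禁用,并被认为不安全。(更准确地说,被默认停用的是基于 SHA-1 的 ssh-rsa 签名算法;RSA 密钥本身配合 rsa-sha2-256 / rsa-sha2-512 签名仍然可以使用,具体生效的版本请以所用 OpenSSH 的发行说明为准。)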

所以自从 Ubuntu 22.04 和 Debian 12 开始,如果某些古老的业务需要使用 RSA Key 登录,你需要手动开启 RSA Key 登录。

#!/bin/bash

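#######################################
# Append the public key stored in a file to the current user's
# authorized_keys.
# Globals:   HOME (read)
# Arguments: $1 - path to a public key file (for example id_ed25519.pub)
# Outputs:   status line on stdout, errors on stderr
# Returns:   0 on success, 1 if the key file is unusable or a write fails
#######################################
add_ssh_key_to_authorized_keys() {
  local key_path="$1"
  local ssh_dir="$HOME/.ssh"
  local auth_file="$ssh_dir/authorized_keys"

  # Refuse a missing or empty file instead of reporting a false success.
  if [[ ! -r "$key_path" || ! -s "$key_path" ]]; then
    echo "Cannot read public key file: $key_path" >&2
    return 1
  fi

  # Create the directory and file with owner-only permissions when they do
  # not exist yet: sshd's StrictModes check ignores an authorized_keys file
  # (or parent directory) that other users can write to, which is what a
  # permissive umask would produce. Existing permissions are left untouched.
  if ! (umask 077 && mkdir -p -- "$ssh_dir" && touch -- "$auth_file"); then
    echo "Cannot prepare $auth_file" >&2
    return 1
  fi

  # If the file does not end in a newline, appending directly would glue the
  # new key onto the last existing entry and invalidate both.
  if [[ -s "$auth_file" && -n "$(tail -c 1 -- "$auth_file")" ]]; then
    echo >> "$auth_file" || return 1
  fi

  if ! cat -- "$key_path" >> "$auth_file"; then
    echo "Failed to append key to $auth_file" >&2
    return 1
  fi
  echo "SSH public key has been added to authorized_keys."
}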

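#######################################
# Read one public key line from stdin and append it to the current user's
# authorized_keys.
# Only a bare "<type> <base64> [comment]" line is accepted. Anything else is
# rejected, including lines that start with authorized_keys options, so a
# mis-paste cannot write arbitrary content into the file that controls
# login access.
# Globals:   HOME (read)
# Outputs:   prompt and status on stdout, errors on stderr
# Returns:   0 on success, 1 on invalid input or write failure
#######################################
paste_public_key() {
  local pub_key=""
  local ssh_dir="$HOME/.ssh"
  local auth_file="$ssh_dir/authorized_keys"
  local key_re='^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)|sk-ssh-ed25519@openssh\.com|sk-ecdsa-sha2-nistp256@openssh\.com)[[:blank:]]+[A-Za-z0-9+/]+={0,3}([[:blank:]].*)?$'

  echo "Please paste your public SSH key:"
  # -r keeps backslashes literal; default IFS trims surrounding blanks.
  read -r pub_key
  # Drop a trailing carriage return left by pastes from CRLF sources.
  pub_key="${pub_key%$'\r'}"

  if [[ ! "$pub_key" =~ $key_re ]]; then
    echo "Input does not look like an SSH public key; nothing was added." >&2
    return 1
  fi

  # Create the directory and file with owner-only permissions when missing;
  # sshd's StrictModes check ignores files other users can write to.
  if ! (umask 077 && mkdir -p -- "$ssh_dir" && touch -- "$auth_file"); then
    echo "Cannot prepare $auth_file" >&2
    return 1
  fi

  # Keep the new key on its own line even if the file lacks a final newline.
  if [[ -s "$auth_file" && -n "$(tail -c 1 -- "$auth_file")" ]]; then
    echo >> "$auth_file" || return 1
  fi

  if ! printf '%s\n' "$pub_key" >> "$auth_file"; then
    echo "Failed to append key to $auth_file" >&2
    return 1
  fi
  echo "Public SSH key has been added successfully."
}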

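#######################################
# Generate a new key pair with ssh-keygen, authorize its public half for the
# current user, and print both halves so the private key can be copied out.
# Globals:   HOME (read)
# Outputs:   menu, status messages and key material on stdout; errors on
#            stderr
# Returns:   0 on success or when the user backs out of the menu, 1 if key
#            generation or authorization fails
#######################################
create_and_add_ssh_key() {
  local alg_option=""
  local key_type=""
  local key_path=""
  local -a keygen_args=()

  echo "Select the encryption algorithm:"
  echo "1. RSA (not recommended for newer systems like Debian 12 or Ubuntu 24)"
  echo "2. ED25519 (recommended for all systems)"
  echo "3. Return to previous menu"
  read -r -p "Option: " alg_option

  case "$alg_option" in
    1)
      key_type="rsa"
      key_path="$HOME/.ssh/id_rsa"
      keygen_args=(-t "$key_type" -b 4096)
      ;;
    2)
      key_type="ed25519"
      key_path="$HOME/.ssh/id_ed25519"
      keygen_args=(-t "$key_type")
      ;;
    3)
      return
      ;;
    *)
      echo "Invalid option. Please select 1, 2, or 3."
      return
      ;;
  esac

  # A non-zero status means no fresh key pair was produced (for example the
  # file could not be written, or an existing key at this path was kept).
  # Stop here so a stale .pub is not authorized again and an older private
  # key is not printed as if it were new.
  if ! ssh-keygen "${keygen_args[@]}" -f "$key_path" -C ""; then
    echo "Key generation failed or was cancelled; authorized_keys was not changed." >&2
    return 1
  fi

  if ! add_ssh_key_to_authorized_keys "${key_path}.pub"; then
    echo "The key was created at $key_path but could not be added to authorized_keys." >&2
    return 1
  fi

  echo "A new SSH key has been created and added successfully."
  echo "Your private key is stored at $key_path. Please keep it secure."
  # NOTE(review): the private key is written to the terminal, so it can end
  # up in scrollback, session recordings or captured output, and a copy
  # stays on this host at $key_path. Generating the pair on the client and
  # using the "paste an existing public key" path avoids both exposures.
  echo "Private key contents:"
  cat -- "$key_path"
  echo "Public key contents:"
  cat -- "${key_path}.pub"
}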

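#######################################
# Top-level interactive loop: show the menu, read a choice from stdin and
# dispatch to the matching handler until the user exits or input ends.
# Globals:   HOME (read)
# Outputs:   menu and results on stdout
# Returns:   0 when the loop ends
#######################################
main_menu() {
  local option=""
  local auth_file="$HOME/.ssh/authorized_keys"

  while true; do
    echo "Select an option:"
    echo "1. Add SSH key"
    echo "2. List current SSH keys"
    echo "3. Delete a specific SSH public key"
    echo "4. Change SSH port"
    echo "5. Disable password login"
    echo "6. Exit"
    # Leave the loop when stdin is closed; otherwise read fails on every
    # pass and the menu repeats forever.
    if ! read -r -p "Option: " option; then
      break
    fi

    # NOTE(review): delete_ssh_key, change_ssh_port and disable_password_login
    # are not defined in the part of the script shown here; confirm they
    # exist before relying on options 3-5.
    case "$option" in
      1)
        add_ssh_key_menu
        ;;
      2)
        echo "Current SSH keys in authorized_keys:"
        if [[ -r "$auth_file" ]]; then
          cat -- "$auth_file"
        else
          echo "No authorized_keys file found at $auth_file."
        fi
        ;;
      3)
        delete_ssh_key
        ;;
      4)
        change_ssh_port
        ;;
      5)
        disable_password_login
        ;;
      6)
        break
        ;;
      *)
        echo "Invalid option. Please select a valid number from 1 to 6."
        ;;
    esac
  done
}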

#######################################
# Sub-menu for authorizing a key: either paste an existing public key or
# generate a new pair, then hand off to the matching function.
# Globals:   add_key_option (written by read)
# Outputs:   menu text on stdout
#######################################
add_ssh_key_menu() {
  printf '%s\n' \
    "Select an option:" \
    "1. Paste an existing public key" \
    "2. Create and add a new SSH key" \
    "3. Return to main menu"
  read -p "Option: " add_key_option

  case "$add_key_option" in
    1) paste_public_key ;;
    2) create_and_add_ssh_key ;;
    3) return ;;
    *) echo "Invalid option. Please select 1, 2, or 3." ;;
  esac
}

# Entry point: start the interactive menu loop. main_menu reads its choices
# from stdin and does not use the forwarded arguments.
main_menu "$@"

 
