Settings files

`settings.ini`

[Settings]
key_age=90
server_list=server_list.csv
# if start with ~/ it will be replaced with $HOME
server_pem_folder=~/folder/to/admin/pems/
server_pem_archive_folder=~/tolder/for/archive/pems/

key_age is in days, default is 90
server_lust is the file name where the servers and info is stored
server_pem_folder is the location for the PEM files, eg in a ~/.ssh/ sub folder
server_pem_archive_folder is thge location for the archive files, a sub folder will be created there

server_list fiel

This file is semicolon ';' separated and not ',' as usual. The reason is that the authorization key settings block is comma separated

Sever: server name as to which to connect to
Username: the username to use to connect
Flag: currently not used
Auth Key Settings: Optional settings block for the public key entry in the auth file

Scripts

`admin-rotate-ssh-keys.sh`

Will create a new key and deploy on the server and move the PEM part to the local SSH folder

Must have -g flag set to run

`admin-remove-old-ssh-keys.sh`

Will check in the previous ssh public key folder and remove this entry from the remote server

Must have -g flag set to run

Options

For both rotate and remove ssh key

-h override single host name
-u override user name for a host
-f force key change
-c force create new key even if old key exists
-n dry run
-g flag for actual change call

`test-ssh-keys.sh`

Test access to the server and print information

Options are

-h override single host name
-u override user name for a host

`user-add-ssh-key.sh`

Add a user public key to the admin user on a server

-h override single host name
-u override user name for a host
-k user public key name
-n dry run
-g flag for actual change call

`user-remove-ssh-key.sh`

Remove a user public key from the admin user on a server

-h override single host name
-u override user name for a host
-k user public key name
-n dry run
-g flag for actual change call