Allows users to set their ssh key against their google user account + sync user/group/key map in s3
Dockerfile multistage build Sep 19, 2018
LICENSE
README.md fmt Aug 6, 2018
main.go new oidc endpoints Sep 21, 2018
manager_test.go rename to be more idiomatic Feb 20, 2018
sync.go further lint fixes Feb 20, 2018

README.md

ssh-key-manager

Docker Repository on Quay

  • allows users to set their ssh public keys in their Google GSuite account
  • does a periodic sync of all specified groups (members + ssh keys) from Google to AWS s3

server

Required environment variables:

| env var | example | description |
| --- | --- | --- |
| SKM_CLIENT_ID | xxx.apps.googleusercontent.com | Google OIDC client id |
| SKM_CLIENT_SECRET | xxxxxxxx | Google OIDC client secret |
| SKM_CALLBACK_URL | https://app/callback | Callback URI where the user will be redirected after successful Google interaction |
| SKM_AWS_ACCESS_KEY_ID | AKIAXXXXXXXXXXXXXXXX | AWS access key |
| SKM_AWS_SECRET_ACCESS_KEY | xxxxxxxxxxxxxxxxxxxxx | AWS secret access key |
| SKM_AWS_BUCKET | bucket-name | AWS S3 bucket name |
| SKM_SA_KEY_LOC | /etc/skm/sa-key.json | Location on disk of the Google service account key (JSON format) |
| SKM_GROUPS | "group@gsuite-domain.com" | Comma-separated list of groups that will be synced to S3 |

client

Use https://github.com/utilitywarehouse/ssh-key-agent on your host to populate authorized_keys