|author||Ben Burwell <email@example.com>||2018-11-28 00:41:55 -0500|
|committer||Ben Burwell <firstname.lastname@example.org>||2018-11-28 00:41:55 -0500|
Add license and readme
2 files changed, 58 insertions, 0 deletions
diff --git a/LICENSE b/LICENSE
new file mode 100644
@@ -0,0 +1,21 @@
+Copyright (c) 2018 Ben Burwell
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
diff --git a/README.md b/README.md
new file mode 100644
@@ -0,0 +1,37 @@
+# GitHub SSH AuthorizedKeysCommand Utility
+Use the SSH public keys you've added to GitHub to log in to your machines!
+## 0. Compile for your target OS
+Currently, ghsshauth has been tested on Debian and FreeBSD, but should basically
+support all UNIX-like systems. Feel free to send patches.
+$ git clone email@example.com:benburwell/ghsshauth.git
+$ cd ghsshauth
+$ GOOS=linux GOARCH=amd64 go build
+## 1. Configure host
+Put the binary in `/usr/local/sbin` and make sure it's owned by root and is
+chmodded to 755. Open `/etc/ssh/sshd_config`, find the `AuthorizedKeysCommand`
+line, and change it to:
+AuthorizedKeysCommand /usr/local/sbin/ghsshauth %h
+(the `%h` represents the home directory of the user being authenticated).
+In your home directory, create the file `.ssh/authorized_github_users` and add
+your GitHub username (and any other username you want to have access) to the
+file, one per line. You can begin lines with the `#` character to have them be
+**IMPORTANT:** You'll need to make sure that the `AuthorizedKeysCommandUser` has
+read access to the entire path up to your `authorized_github_users` file, i.e.
+your home directory needs to be `chmod 755` as does your `.ssh` directory. Be
+sure that any secret keys in your `.ssh` directory such as `id_rsa` are `chmod 600`!