29

Is there a way to identify with a username and password to github.com servers for the purpose of adding an ssh key to the github user account? So far everything I've read suggests that a user's ssh key must be added via the web GUI. I'm looking for the method or process of adding a key via a command line interface or else a bash/ansible/something script.

Thomas Dickey
  • 75,040
  • 9
  • 171
  • 268
cmosetick
  • 393
  • 1
  • 3
  • 4
  • 1
    How about using [some library](https://developer.github.com/libraries/) to use [GitHub's API](https://developer.github.com/v3/users/keys/)? – sr_ Jun 13 '14 at 07:08

5 Answers5

20

Update 2020

As stated in developer changes, Password authentication is going to be deprecated at:

November 13, 2020 at 16:00 UTC

Additionally, as @trysis asked in the comments, we need a solution for 2FA.

The new way is to use a personal access token: enter image description here

For our specific example (adding a ssh key), we only need write permissions (read permissions are added automatically on using write permissions): enter image description here

The updated command (via curl):

curl -H "Authorization: token YourGeneratedToken" --data '{"title":"test-key","key":"ssh-rsa AAA..."}' https://api.github.com/user/keys

This does also work when 2FA is enabled.

OLD

Auth with username and password is supported by github api:

There are three ways to authenticate through GitHub API v3. ...
Basic Authentication
$ curl -u "username" https://api.github.com
...

So just choose a lib in the language you prefer and use the implemented version of the Create a Public Key "Public Key" API Section:

Creates a public key. Requires that you are authenticated via Basic Auth, or OAuth with at least [write:public_key] scope.

INPUT
POST /user/keys

{
    "title": "octocat@octomac",
    "key": "ssh-rsa AAA..."
}

If you want to use it from command line (via curl):

curl -u "username" --data '{"title":"test-key","key":"ssh-rsa AAA..."}' https://api.github.com/user/keys

or even without prompting for password:

curl -u "username:password" --data '{"title":"test-key","key":"ssh-rsa AAA..."}' https://api.github.com/user/keys

here is a nice little tutorial for using curl to interact with github API

xx4h
  • 2,392
  • 16
  • 17
8

Similar to xx4h's answer, this is how I do it in scripts for automating new VM setups.

ssh-keygen -t rsa -b 4096 -C "[email protected]"
curl -u "myusername" \
    --data "{\"title\":\"DevVm_`date +%Y%m%d%H%M%S`\",\"key\":\"`cat ~/.ssh/id_rsa.pub`\"}" \
    https://api.github.com/user/keys

It gives you a new SSH key, includes it in the curl call and gives a unique but still easily identifiable name for each one on the GitHub side (e.g. running now would give DevVm_150602142247).

nathanchere
  • 181
  • 1
  • 5
2
#!/bin/bash

set -xe
myemail="your-email"

#your personal access token
git_api_token="befdf14c152d6f2ad8cff9c5affffffffffffffffff"

#We'll use the HTTPS to push a ssh key to git, SSH for pull/push configuration
gitrepo_ssh="[email protected]:person/repo.git"
gitrepo_https="https://github.com/person/repo.git"

#Generating SSH key:
ssh-keygen -f "${HOME}/.ssh/id_rsa" -t rsa -b 4096 -C "${myemail}" -N ''
sslpub="$(cat ${HOME}/.ssh/id_rsa.pub |tail -1)"

#git API path for posting a new ssh-key:
git_api_addkey="https://api.$(echo ${gitrepo_https} |cut -d'/' -f3)/user/keys"

#lets name the ssh-key in get after the hostname with a timestamp:
git_ssl_keyname="$(hostname)_$(date +%d-%m-%Y)"

#Finally lets post this ssh key:
curl -H "Authorization: token ${git_api_token}" -H "Content-Type: application/json" -X POST -d "{\"title\":\"${git_ssl_keyname}\",\"key\":\"${sslpub}\"}" ${git_api_addkey}
Darren Dwyer
  • 21
  • 1
0

Another option is to use an API token... I use the following on our internal gitLab server

snippet:

#!/bin/bash

myemail="[email protected]"

# User API token can be found: "https://git.labs.domain.com/profile/account"
git_api_token="m3iP27Jh8KSgNmWAksYp"

# We'll use the HTTPS to push a ssh key to git, SSH for pull/push configuration
gitrepo_ssh="[email protected]:devops/automation.git"
gitrepo_https="https://git.labs.domain.com/devops/automation.git"

########################]  D O   N O T   C H A N G E  [########################

# Generating SSH key:
ssh-keygen -f "${HOME}/.ssh/id_rsa" -t rsa -b 4096 -C "${myemail}" -N ''
sslpub="$(cat ${HOME}/.ssh/id_rsa.pub |tail -1)"

# git API path for posting a new ssh-key:
git_api_addkey="https://$(echo ${gitrepo_https} |cut -d'/' -f3)/api/v3/user/keys"

# lets name the ssh-key in get after the hostname with a timestamp:
git_ssl_keyname="$(hostname)-$(date +%Y%m%d%H%M%S)"

# Finally lets post this ssh key:
curl -H "PRIVATE-TOKEN: ${git_api_token}" -H "Content-Type: application/json" \
    -X POST -d "{\"title\":\"${git_ssl_keyname}\",\"key\":\"${sslpub}\"}"     \
    ${git_api_addkey}
Lars
  • 3
  • 3
0

With the new GitHub CLI gh, you have gh auth login + gh ssh add

Add an SSH key to your GitHub account

gh ssh-key add [<key-file>] [flags]
VonC
  • 151
  • 1
  • 2
  • 14