i made a script for node-js, that can deploy new ssh keys to a defined group of devices. Its a little bit hacky and you need node-js and the balena-cli to run it. But maybe somebody else help that tool or you have some good ideas, how to improve that tool.
To the background. With the balena-sdk i load a list of all devices. Then the tool use the
balena tunnel command to open a proxy tunnel to the device, logs in with ssh and loads the
config.json over the stdout. Unfortunately I was not able to use scp for that. After that the tool add the keys to the local version of the config.json and writes then the config again over stdout back and command the device to reboot.
Disclaimer: The tool modifies the
config.json on your device. That is not without danger. I tested the tool at first with devices, that I can access. A damaged
config.json can lead to a device, that is not able to connect to the VPN again.