Tool to deploy ssh-keys

Hello everyone,

i made a script for node-js, that can deploy new ssh keys to a defined group of devices. Its a little bit hacky and you need node-js and the balena-cli to run it. But maybe somebody else help that tool or you have some good ideas, how to improve that tool.

To the background. With the balena-sdk i load a list of all devices. Then the tool use the balena tunnel command to open a proxy tunnel to the device, logs in with ssh and loads the config.json over the stdout. Unfortunately I was not able to use scp for that. After that the tool add the keys to the local version of the config.json and writes then the config again over stdout back and command the device to reboot.

Disclaimer: The tool modifies the config.json on your device. That is not without danger. I tested the tool at first with devices, that I can access. A damaged config.json can lead to a device, that is not able to connect to the VPN again.

Hi,

It’s nice to see custom tools being developed.

I do want to point out that configizer from the Balena team is a thing that allows safe-ish modifications to config.json, including SSH keys.
I have not tried it out with openBalena.

There may be reasons for developing your own tool, but at the very least it’s a good learning experience to look at the way they set up their tool.

Correct me, if i’m wrong, but you can’t use balena ssh with openBalena. So the the configizer, that use that command, won’t work with openBalena.
But maybe I can adapt parts of that tool. So I will look into it. Or maybe somebody had experience in use that tool for openBalena?