{"id":20534626,"url":"https://github.com/qbit/puber","last_synced_at":"2025-06-25T01:32:18.829Z","repository":{"id":19121342,"uuid":"22350532","full_name":"qbit/puber","owner":"qbit","description":"Public key server","archived":false,"fork":false,"pushed_at":"2017-12-21T22:57:08.000Z","size":122,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-06T03:16:25.849Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/qbit.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-07-28T16:58:33.000Z","updated_at":"2016-11-30T06:22:40.000Z","dependencies_parsed_at":"2022-09-01T10:01:18.798Z","dependency_job_id":null,"html_url":"https://github.com/qbit/puber","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/qbit/puber","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qbit%2Fpuber","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qbit%2Fpuber/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qbit%2Fpuber/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qbit%2Fpuber/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/qbit","download_url":"https://codeload.github.com/qbit/puber/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/qbit%2Fpuber/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261785318,"owners_count":23209285,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-16T00:27:34.752Z","updated_at":"2025-06-25T01:32:18.801Z","avatar_url":"https://github.com/qbit.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"puber\n=====\n\nIs a queryable store for public keys. Its intended use is for automatic\ngeneration of SSH `authorized_keys` files.\n\nIt currently supports [redis](https://redis.io) and memory back ends\nfor storing data.\n\nAccess to add and remove public keys is controlled via whitelists and\nyubikey authentication.\n\nIf a host is in the whitelist, it can send add / remove requests\nassuming the yubikey authentication is successful.\n\n## Usage\n\n### Starting\n\nFirst you must acquire an API Key from Yubico via their [web\nportal](https://upgrade.yubico.com/getapikey/). It requires a valid\nemail address and a yubikey.\n\nOnce you have the Client ID and API Key, you can pass them to puber on\nstartup:\n\n```\npuber -ycid CLIENTID -yskey APIKEY\n```\n\nThis will start puber in memory store mode with a whitelist that only\nallows requests to `/add` and `/rm` from `localhost`. More hosts can\nbe specified with the `-wl` flag.\n\n### Adding keys\n\n### Querying keys\n\nKeys can be pulled per user or all at once for all users. This uses\n`/user/$username` and `/all` respectively.\n\nIf you are running in debug mode (-debug flag), three fake keys will\nbe added so that you can test querying:\n\nTo get all keys for user `debug`:\n```\ncurl http://localhost:8081/user/debug\n```\n\nTo get all keys stored in puber:\n```\ncurl http://localhost:8081/all\n```\n\n### Querying keys via Ansible\n\nObviously if you are using puber for dishing out your public keys via\nAnsible, you don't want to use the temporary memory store. Using\nsomething like redis is highly recommended!\n\nAnsible can query a HTTP endpoint to get a users public keys. Here is\nthe example from the [authorized key module](https://docs.ansible.com/ansible/authorized_key_module.html):\n\n```\n# Using github url as key source\n- authorized_key: user=charlie key=https://github.com/charlie.keys\n```\n\npuber would look like this:\n\n```\n- authorized_key: user=charlie key=https://puberurl/charlie\n```\n\nMore users can be specified by simply specifying them via a ','\nseperated list:\n\n```\n- authorized_keys: user=root key=https://puberurl/charlie,fred,jane\n```\n\n## TODO\n\n* [ ] Fix WhteList stuff for reverse proxy.\n* [ ] Make yubikey auth optional.\n* [ ] Allow for arbitrary yubi client id and API keys to be used.\n* [ ] Add a BoltDB backend.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqbit%2Fpuber","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fqbit%2Fpuber","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fqbit%2Fpuber/lists"}