https://github.com/utilitywarehouse/ssh-key-manager

Allows users to set their ssh key against their google user account + sync user/group/key map in s3
https://github.com/utilitywarehouse/ssh-key-manager

google infrastructure kubernetes oauth2 uw-dep-alpine uw-dep-go uw-owner-system

Last synced: 9 months ago
JSON representation

Allows users to set their ssh key against their google user account + sync user/group/key map in s3

• Host: GitHub
• URL: https://github.com/utilitywarehouse/ssh-key-manager
• Owner: utilitywarehouse
• License: mit
• Created: 2017-09-21T15:23:55.000Z (over 8 years ago)
• Default Branch: master
• Last Pushed: 2025-08-01T11:22:01.000Z (11 months ago)
• Last Synced: 2025-08-25T11:11:43.114Z (10 months ago)
• Topics: google, infrastructure, kubernetes, oauth2, uw-dep-alpine, uw-dep-go, uw-owner-system
• Language: Go
• Homepage:
• Size: 275 KB
• Stars: 5
• Watchers: 4
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# ssh-key-manager

- allows users to set their ssh public keys in their Google GSuite account

- does a periodic sync of all specified groups (members + ssh keys) from

  Google to AWS s3

### server

Required environment variables:

| env var                   | example                         | desc                                                                           |

| -------                   | -------                         | ----                                                                           |

| SKM_CLIENT_ID             | xxx.apps.googleusercontent.com  | Google oidc client id                                                          |

| SKM_CLIENT_SECRET         | xxxxxxxx                        | Google oidc client secret                                                      |

| SKM_CALLBACK_URL          | https://app/callback            | Callback URI where user will be redirected after successful Google interaction |

| SKM_AWS_BUCKET            | bucket-name                     | AWS s3 bucket name                                                             |

| SKM_SA_KEY_LOC            | /etc/skm/sa-key.json            | Location on disk where Google service account key is (json format)             |

| SKM_GROUPS                | "group@gsuite-domain.com"       | comma seperated list of groups that will be synced to s3                       |

| SKM_ADMIN_EMAIL           | "admin-user@gsuite-domain.com"  | A G-Suite admin user                       |

You will also need to configure the appropriate AWS credentials for your

environment, as detailed [on this

page](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials).

### client

Use https://github.com/utilitywarehouse/ssh-key-agent on your host to populate

`authorized_keys`