Add SSH Key - A simple command-line tool to automatically add SSH keys from GitHub users to your authorized_keys file.

The ask tool simplifies SSH key management by automatically fetching and adding SSH public keys from GitHub user profiles to your authorized_keys file. It provides a secure, interactive way to manage SSH access with proper validation and user confirmation.

Primary Use Cases:

• System administrators managing server access
• DevOps teams setting up development environments
• Personal servers and remote access management
• CI/CD pipeline SSH key provisioning

• 🔍 User Search: Search GitHub users with ask search <query> to find the right person
• 🔑 SSH Key Management: Fetches and validates SSH keys from GitHub profiles
• 🚫 Disable Password Auth: One-command password authentication disable with automatic SSH config management
• 🛡️ Security: Prevents duplicate keys, validates SSH key formats, and requires user confirmation
• 📁 Auto-setup: Creates .ssh directory and authorized_keys file with correct permissions (0700/0600)
• 🖥️ Cross-platform: Supports Linux, macOS, Windows, and FreeBSD
• ⚡ Fast: Written in Go for optimal performance and minimal dependencies
• 🔒 Safe: Interactive confirmation with user details before adding keys
• 📋 Comprehensive: Supports all common SSH key types (RSA, Ed25519, ECDSA, DSA)

# Install
bash <(curl -Ls https://ssa.sx/ask)
# or
bash <(curl -Ls https://raw.githubusercontent.com/missuo/ask/main/install.sh)

# Upgrade to latest version
bash <(curl -Ls https://raw.githubusercontent.com/missuo/ask/main/install.sh) upgrade

# Uninstall
bash <(curl -Ls https://raw.githubusercontent.com/missuo/ask/main/install.sh) uninstall

Download the latest binary from releases for your platform:

• Linux: ask-linux-amd64, ask-linux-arm64, ask-linux-386
• macOS: ask-darwin-amd64, ask-darwin-arm64
• Windows: ask-windows-amd64.exe, ask-windows-386.exe
• FreeBSD: ask-freebsd-amd64, ask-freebsd-arm64

git clone https://github.com/missuo/ask.git
cd ask
go build -ldflags="-s -w" -o ask .

ask <github-username>          # Add SSH keys from a GitHub user
ask search <query>             # Search for GitHub users
ask disable-password           # Disable password authentication (requires sudo)
ask --version                  # Show version information

# Search for users first
ask search missuo

# Add SSH keys from GitHub user 'missuo' (with confirmation)
ask missuo

# Add SSH keys from GitHub user 'octocat'
ask octocat

# Check version
ask --version

# Disable password authentication (requires root privileges)
sudo ask disable-password

The disable-password command allows you to disable password-based SSH authentication and enforce key-only authentication:

# Run with sudo or as root
sudo ask disable-password

What it does:

1. Creates a backup of /etc/ssh/sshd_config
2. Sets PasswordAuthentication no in the config
3. Tests the configuration validity with sshd -t
4. Restarts the SSH service

⚠️ Important Warning:

• Ensure you have SSH keys configured and working before running this command
• If you lose your SSH keys, you may be locked out of the server
• The original config is backed up with timestamp suffix

Found 2 SSH key(s) for user 'missuo':
  1. ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7... (truncated)
  2. ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... (truncated)

Successfully added 2 new SSH key(s) to ~/.ssh/authorized_keys

$ ask --version
ask version v1.0.0

$ ask search missuo
Searching for users matching 'missuo'...

Found 7 users:
  missuo - Vincent Young (Founder of @OwO-Network. PITT MSCS '25 Alum. Operator of AS30700, AS60614 and AS206729.) [OwO Network, LLC]
  Missuo0o - Shun Zhang (System.out.println("Hello Java");) [NYU]
  missuor - Missuor4ever
  missuorange - missuorange
  MissUoU - MissUoU
  Missuo7716 - Missuo7716
  Missuori - Missuori

Use 'ask <username>' to add SSH keys from any of these users.

$ ask sarkrui
User: sarkrui (Sark)
Bio: 🤓 A designer who codes. PhD student at PolyU Design for Designing Materiality of Interaction for Everyday Activities.
Location: Hong Kong SAR, China
Public repos: 156

Are you sure you want to add Sark's SSH keys? (y/N): y

Found 2 SSH key(s) for user 'sarkrui':
  1. ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI... (truncated)
  2. ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7... (truncated)

Successfully added 2 new SSH key(s) to ~/.ssh/authorized_keys

1. Validates the GitHub username format
2. Fetches SSH keys from https://github.com/<username>.keys
3. Validates each SSH key format
4. Creates ~/.ssh directory (mode 0700) if it doesn't exist
5. Creates ~/.ssh/authorized_keys file (mode 0600) if it doesn't exist
6. Checks for duplicate keys to prevent adding the same key twice
7. Appends new keys to the authorized_keys file

• ssh-rsa
• ssh-dss
• ssh-ed25519
• ecdsa-sha2-nistp256
• ecdsa-sha2-nistp384
• ecdsa-sha2-nistp521

The tool handles various error scenarios:

• Invalid GitHub username format
• Non-existent GitHub users (404 error)
• Users with no SSH keys
• Network connectivity issues
• Permission errors
• Invalid SSH key formats

• Permission Management: Automatically sets correct permissions (0700 for .ssh, 0600 for authorized_keys)
• Key Validation: Validates SSH key formats before adding
• Duplicate Prevention: Checks existing keys to prevent duplicates
• Username Validation: Validates GitHub username format to prevent injection attacks

• Go 1.21 or later

# Build for current platform
go build -ldflags="-s -w -X main.version=dev" -o ask .

# Cross-compile for different platforms
GOOS=linux GOARCH=amd64 go build -ldflags="-s -w -X main.version=dev" -o ask-linux-amd64 .
GOOS=darwin GOARCH=arm64 go build -ldflags="-s -w -X main.version=dev" -o ask-darwin-arm64 .
GOOS=windows GOARCH=amd64 go build -ldflags="-s -w -X main.version=dev" -o ask-windows-amd64.exe .

go test -v ./...

1. Create a new tag: git tag v1.0.0
2. Push the tag: git push origin v1.0.0
3. GitHub Actions will automatically build and release binaries

🚀 Coming Soon: We are planning to submit this package to official Debian/Ubuntu repositories in the future.

• Package Name: ask
• Section: utils
• Priority: optional
• Architecture: any (compiled for multiple architectures)
• Depends: libc6 (>= 2.17) (minimal dependencies)
• Maintainer: Vincent Young [email protected]
• Homepage: https://github.com/missuo/ask
• VCS: Git (https://github.com/missuo/ask.git)

• Debian Policy: Designed to comply with Debian Policy 4.6.0
• FHS Compliant: Follows Filesystem Hierarchy Standard
• Testing: Automated CI/CD with comprehensive test coverage
• Security: No known security vulnerabilities
• Upstream: Actively maintained with regular releases
• Package Quality: Will ensure Lintian clean before submission

• Maintenance: Committed to long-term maintenance and support
• Bug Fixes: Responsive to bug reports and security issues
• Updates: Regular updates following semantic versioning
• Debian Integration: Will maintain package in Debian repositories once accepted
• Documentation: Will provide comprehensive documentation and man pages

For now, please use the installation script or download binaries directly from GitHub releases. We will announce when the package becomes available through official APT repositories.

We welcome contributions! Please follow these steps:

1. Fork the repository
2. Create a feature branch: git checkout -b feature/new-feature
3. Commit your changes: git commit -am 'Add new feature'
4. Push to the branch: git push origin feature/new-feature
5. Submit a pull request

• Follow Go best practices and conventions
• Add tests for new functionality
• Ensure go fmt, go vet, and golint pass
• Update documentation as needed

MIT License - see LICENSE file for details.

This project follows Semantic Versioning:

• Major version: Incompatible API changes
• Minor version: Backwards-compatible functionality additions
• Patch version: Backwards-compatible bug fixes

The current stable version is v1.0.0, indicating a mature, production-ready tool.

• Issues: Report bugs and request features on GitHub Issues
• Security: Report security vulnerabilities to [email protected]
• Documentation: Comprehensive documentation available in this README
• Community: Active community support and contributions welcome

This tool was inspired by the common need to quickly add SSH keys from GitHub users to server authorized_keys files, automating the manual process of:

curl https://github.com/username.keys | tee -a ~/.ssh/authorized_keys

To upgrade to the latest version:

bash <(curl -Ls https://raw.githubusercontent.com/missuo/ask/main/install.sh) upgrade

To remove the tool from your system:

bash <(curl -Ls https://raw.githubusercontent.com/missuo/ask/main/install.sh) uninstall

• Operating System: Linux (primary), macOS, Windows, FreeBSD
• Architecture: amd64, arm64, 386
• Memory: < 10MB RAM usage
• Storage: < 5MB disk space
• Network: Internet access for GitHub API calls
• Dependencies: None (statically compiled binary)

• Permissions: Automatically sets secure permissions (0700 for .ssh, 0600 for authorized_keys)
• Validation: Validates GitHub usernames and SSH key formats
• Confirmation: Requires explicit user confirmation before adding keys
• Audit Trail: Clear output showing what keys were added
• No Persistence: Doesn't store any user data or credentials locally

• Speed: Typically completes in under 2 seconds
• Memory: Minimal memory footprint (< 10MB)
• Network: Efficient API usage with built-in rate limiting
• Scalability: Handles multiple keys and users efficiently

• github-keys - Similar concept with different implementation
• ssh-import-id - Import SSH keys from various sources
• ssh-copy-id - Traditional SSH key copying tool

ask - Simplifying SSH key management, one user at a time.

Made with ❤️ by Vincent Young