Is github-auth safe for giving SSH access to strangers?

Yes, it uses public key authentication from GitHub, which is more secure than sharing passwords, but you should still use a separate 'pair' account to limit access to sensitive data, as recommended in the troubleshooting.

How to use github-auth with a custom SSH port?

You can specify a different port manually in SSH commands, but github-auth itself doesn't change SSH configurations; you need to set up port forwarding separately, as mentioned in the troubleshooting.

github-auth vs manually managing SSH keys

github-auth automates key fetching and updates, saving time for frequent pair programming, but manual management offers more control over individual keys and doesn't depend on GitHub.

Can I revoke access for all users at once with github-auth?

Yes, you can use 'gh-auth remove --users=`gh-auth list`' to remove all authorized GitHub users in one command, as shown in the batch operations example.

How to integrate github-auth into a Ruby script?

Use the provided API by requiring 'github/auth' and calling GitHub::Auth::CLI.start, as demonstrated in the 'In Your Project' section for programmatic key management.

What if my pair doesn't have SSH keys on GitHub?

github-auth won't work; users must upload public keys to their GitHub account, so you'd need an alternative method like manual key exchange or a different tool.

Open-Awesome

github-auth

MITRubyv3.1.0

A command-line tool for managing SSH keys from GitHub users to enable secure pair programming sessions.

GitHub

389 stars17 forks0 contributors

What is github-auth?

github-auth is a command-line tool that automates SSH key management for GitHub users, allowing developers to easily add or remove public SSH keys from their `authorized_keys` file. It solves the problem of securely granting temporary SSH access for pair programming sessions without manual key handling.

Target Audience

Developers who frequently engage in remote pair programming and need a secure, efficient way to manage SSH access for collaborators with GitHub accounts.

Value Proposition

It eliminates the friction of manually exchanging SSH keys, reduces security risks by avoiding password sharing, and integrates seamlessly with GitHub's public key infrastructure.

Overview

SSH key management for GitHub users

Use Cases

Best For

Setting up secure SSH access for remote pair programming sessions
Quickly onboarding GitHub collaborators to a shared development environment
Managing temporary SSH access for workshops or coding interviews
Automating SSH key rotation for team-based development machines
Integrating SSH key management into Ruby-based DevOps scripts
Facilitating ad-hoc coding collaborations without complex infrastructure

Not Ideal For

Teams where collaborators lack GitHub accounts or use other version control systems
Environments requiring granular SSH key control (e.g., managing specific keys per device)
Projects with existing automated SSH key management via tools like Ansible or Puppet
Non-Ruby setups where installing a gem adds unnecessary dependency overhead

Pros & Cons

Pros

Automated Key Fetching

Fetches public SSH keys directly from GitHub, eliminating manual copying and pasting, as shown in the command examples for adding users.

Enhanced Pair Programming Security

Uses public key authentication instead of password sharing, reducing security risks for remote collaborations, per the project's philosophy.

Custom Command Support

Allows specifying SSH commands like 'tmux attach' for automatic session joining, streamlining the pairing workflow as demonstrated in the README.

Batch Management Efficiency

Supports adding or removing multiple users at once and listing all authorized users, saving time for group operations.

Cons

GitHub Platform Lock-in

Relies entirely on GitHub for key storage; it cannot manage keys from other sources, limiting flexibility for teams using Bitbucket or GitLab.

Limited Infrastructure Handling

Does not automate network setup like port forwarding, requiring manual configuration as admitted in the troubleshooting section.

All-or-Nothing Key Access

Adds all public keys from a GitHub user, which may include inactive or unintended keys, potentially cluttering the authorized_keys file.

Frequently Asked Questions

Related Projects

DEPRECATED A dev tool for SSH auth + Git commit/tag signing using a key stored in Krypton.

Stars1,574

Forks108

Last commit2 years ago

totp-ssh-fluxer

Take security by obscurity to the next level (this is a bad idea, don't really use this please)

Stars944

Forks43

Last commit3 years ago

authy-ssh

Easy two-factor authentication for ssh servers

Stars798

Forks68

Last commit8 years ago

HIBA

HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push customized authorized_users files periodically.

Stars388

Forks18

Last commit11 months ago

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub