RFC: ssh-copy-id tweaks

Nick Dokos nicholas.dokos at hp.com
Fri Feb 1 05:00:12 EST 2008


I'd like to propose a couple of tweaks to ssh-copy-id:

o Change the default ID_FILE from identity.pub to id_dsa.pub or perhaps
  {id_dsa,id_rsa,identity}.pub to cover all the bases, although the
  patch below deals only with id_dsa.pub - it would need some more
  tweaking to deal with more than one (possibly non-existent) file.

o If the destination authorized_keys file already contains the keys,
  they should not be duplicated. I use ssh-copy-id in a regression harness
  and I end up adding the same key tens or hundreds of times. I have not
  seen any problem but it is somewhat distasteful.

  The method proposed is frankly a hack, but it is simple and I think it
  is foolproof and portable. At least initially, it will mess up the
  order of the keys, but given that the file is mostly write-only by
  humans, that should not make any difference.

Comments?

Thanks,
Nick

--- ssh-copy-id.orig	2008-01-31 12:01:03.000000000 -0500
+++ ssh-copy-id	2008-01-31 12:05:16.000000000 -0500
@@ -1,11 +1,11 @@
 #!/bin/sh
 
-# Shell script to install your identity.pub on a remote machine
+# Shell script to install your id_dsa.pub on a remote machine
 # Takes the remote machine name as an argument.
 # Obviously, the remote machine must accept password authentication,
 # or one of the other keys in your ssh-agent, for this to work.
 
-ID_FILE="${HOME}/.ssh/identity.pub"
+ID_FILE="${HOME}/.ssh/id_dsa.pub"
 
 if [ "-i" = "$1" ]; then
   shift
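Review bot: The new default on the `ID_FILE="${HOME}/.ssh/id_dsa.pub"` line covers only one key type, so a user whose only public key is id_rsa.pub or identity.pub loses a working default and has to pass `-i`. As the message itself notes, covering {id_dsa,id_rsa,identity}.pub needs more work; a loop that sets ID_FILE to the first of those files that exists would handle it, and the header comment could then say "your public key" instead of naming one file.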
@@ -38,7 +38,7 @@
   exit 1
 fi
 
-{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1
+{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys && sort -u -o .ssh/authorized_keys .ssh/authorized_keys" || exit 1
 
 cat <<EOF
 Now try logging into the machine, with "ssh '$1'", and check in:
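Review bot: In the changed ssh command, `sort -u -o .ssh/authorized_keys .ssh/authorized_keys` rewrites the whole file in place on every run, which has three side effects worth avoiding in a file that controls login access. It reorders every existing entry, including any comment lines, it removes only byte-identical lines, so the same key with a different trailing comment or options prefix is still duplicated, and a failure while sort is writing its output (a full disk, for example) can leave authorized_keys incomplete. Consider appending only when the key is not already present, for instance by reading the key into a variable on the remote side and testing with `grep -qxF "$key" .ssh/authorized_keys` before the `cat >>`, which keeps the existing order and never rewrites existing entries.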





More information about the openssh-unix-dev mailing list