Generating Authorized Keys Files with Doppler

Here’s a cool little trick for generating authorized keys files with doppler. Create configs as follows for each team member you need to give access to:

Now you can run the following:

doppler run -- printenv | grep SSH_AUTH_KEY | cut -d"=" -f2 > authorized_keys && chmod 600 authorized_keys

You can even run this on a crontab once an hour or so if you’d prefer to do so or just run it manually as needed.

You can even simplify this further using doppler secrets get:

doppler secrets get SSH_AUTH_KEY_ANIL --plain > authorized_keys && chmod 600 authorized_keys

Interesting are you stuffing it all into one big json in your case?
I was thinking every ssh key has its own variable and you’d have to do the following for each key:

doppler secrets get SSH_AUTH_KEY_*  -c dev -p ... --plain

Are wildcard fetches like that supported?

Ahh my bad, I see now your script iterates through every key with the SSH_AUTH_KEY prefix. Neat!

Your solution is a good one and I’ve added it to a newly created Secrets Access page in our docs.