locus313 · locus313 · Jun 25, 2025 · Jun 25, 2025 · Jun 25, 2025 · Jun 25, 2025
diff --git a/README.md b/README.md
@@ -9,6 +9,7 @@ This Bash script pulls `authorized_keys` files from remote URLs and updates SSH
 - Works with:
   - ✅ Public URLs (method: `raw`)
   - ✅ Private GitHub repositories via GitHub API (method: `api`, requires token)
+  - ✅ GitHub user public keys (method: `ghuser`)
 - Safe: Only updates keys if they’ve changed
 - Logs activity per user
 
@@ -21,18 +22,20 @@ Each entry uses the format:
 
 - **raw:** Fetches directly from a public URL.
 - **api:** Fetches from a private GitHub repo using the GitHub API (requires `GITHUB_TOKEN` environment variable).
+- **ghuser:** Fetches public keys from a GitHub user's profile (provide the GitHub username after the colon).
 
 **Example `users.conf`:**
 ```bash
 declare -A USER_KEYS=(
   ["ubuntu"]="raw:https://example.com/ssh-keys/ubuntu.authorized_keys"
   ["devuser"]="api:https://api.github.com/repos/yourorg/ssh-keys/contents/keys/devuser.authorized_keys?ref=main"
+  ["alice"]="ghuser:alice-github-username"
 )
 ```
 
 ## Usage
 
-1. Edit the `users.conf` file to define users and their key URLs.
+1. Edit the `users.conf` file to define users and their key URLs or GitHub usernames.
 2. If using the `api` method, export your GitHub token:
    ```bash
    export GITHUB_TOKEN=your_token_here
@@ -42,10 +45,9 @@ declare -A USER_KEYS=(
    chmod +x sync-ssh-keys.sh
    ```
 4. Add to root's crontab:
-
-```cron
-*/15 * * * * /usr/local/bin/sync-ssh-keys.sh >> /var/log/ssh-key-sync.log 2>&1
-```
+   ```cron
+   */15 * * * * /usr/local/bin/sync-ssh-keys.sh >> /var/log/ssh-key-sync.log 2>&1
+   ```
 
 ## Implementation Notes
 

diff --git a/sync-ssh-keys.sh b/sync-ssh-keys.sh
@@ -2,7 +2,7 @@
 set -euo pipefail
 
 # shellcheck disable=SC2034  # planned to be used in a future release
-SCRIPT_VERSION="0.0.5"
+SCRIPT_VERSION="0.0.6"
 
 # === Load user configuration ===
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
@@ -23,20 +23,24 @@ log_message() {
 
 fetch_key_file() {
   local METHOD="$1"
-  local URL="$2"
+  local TARGET="$2"
   local OUTFILE="$3"
 
   if [[ "$METHOD" == "raw" ]]; then
-    curl -fsSL "$URL" -o "$OUTFILE"
+    curl -fsSL "$TARGET" -o "$OUTFILE"
     return $?
   elif [[ "$METHOD" == "api" ]]; then
     : "${GITHUB_TOKEN:?GITHUB_TOKEN is required for API access}"
     curl -fsSL -H "Authorization: token $GITHUB_TOKEN" \
                -H "Accept: application/vnd.github.v3.raw" \
-               "$URL" -o "$OUTFILE"
+               "$TARGET" -o "$OUTFILE"
+    return $?
+  elif [[ "$METHOD" == "ghuser" ]]; then
+    # TARGET is the GitHub username
+    curl -fsSL "https://github.com/${TARGET}.keys" -o "$OUTFILE"
     return $?
   else
-    log_message "Error: Unsupported method '$METHOD' encountered for URL '$URL'. Halting execution."
+    log_message "Error: Unsupported method '$METHOD' encountered for URL '$TARGET'. Halting execution."
     exit 2
   fi
 }

diff --git a/users.conf b/users.conf
@@ -1,5 +1,5 @@
 declare -A USER_KEYS=(
   ["ubuntu"]="raw:https://example.com/ssh-keys/ubuntu.authorized_keys"
   ["devuser"]="api:https://api.github.com/repos/yourorg/ssh-keys/contents/keys/devuser.authorized_keys?ref=main"
-  ["admin"]="api:https://api.github.com/repos/yourorg/ssh-keys/contents/keys/admin.authorized_keys?ref=main"
+  ["alice"]="ghuser:alice-github-username"
 )