Alternatives
************

Why use SSH Deploy Key?

The Case
=========================

There are lots of ways to copy out an ssh key to a
remote host, such as by hand, with ssh-copy-id,
or with configuration management tools.

Although ssh-deploy-key is not ideal for every situation, its
speed and ease of use make it a good choice in many cases.


Alternatives
============

Clearly there are other good options for deploying ssh keys.


Deploying by Hand
-----------------
ssh-deploy-key cannot deploy an ssh key to a host is on a different
network, behind a jump box.  In that case, deployment by hand
is the way to go.  But in other cases, ssh-copy-id is a better option.
Even when just copying a key out to a single host, it's a faster, easier,
and more reliable option.  These advantages only increase
when copying keys out to multiple hosts.


ssh-copy-id
-----------

ssh-copy-id is a great tool, but it's not the ideal
solution for every scenario.

 * ssh-copy-id is not installed by default on all systems,
   notably on Mac OS.

 * ssh-copy-id has no concept of 'smart append'.  It
   will append a key to the authorized keys file
   regardless of whether that key is already present.

 * Scripting the use of ssh-copy-id for deploying to
   multiple remote hosts can be challenging:

     * Password is entered interactively for each host.
     * In the case where there are numerous remote hosts
       that have not seen before, you'd need to interactively
       allow each host to be added to your known_hosts file.



Configuration Management Tools
------------------------------

Configuration management tools like Puppet, Chef, Ansible,
etc. can do a fine job of deploying your ssh key(s) to 
numerous remote hosts.  But if you are not already set up
to use them for key distribution, this solution can be
overkill.