ssh-copy-id is a shell script that installs public keys on a remote machine. (In my tests, it basically copies the content of the local file ~/.ssh/id_rsa.pub to the remote file ~/.ssh/authorized_keys). /usr/bin/ssh-copy-id [-h|-?|-f|-n] [-i [identity_file]] [-p port] [-F alternative ssh_config file] [[-o <ssh -o options>] ...] [user@]hostname
-i identity_file | Use only the key(s) contained in identity_file (rather than looking for identities via ssh-add or in the default_ID_file). If the filename does not end in .pub this is added. If the filename is omitted, the default_ID_file is used. Note that this can be used to ensure that the keys copied have the comment one prefers and/or extra options applied, by ensuring that the key file has these set as preferred before the copy is attempted. |
-f | Forced mode: doesn't check if the keys are present on the remote server. This means that it does not need the private key. Of course, this can result in more than one copy of the key being installed on the remote system. |
-n | Do a dry-run. Instead of installing keys on the remote system simply prints the key(s) that would have been installed. |
-h, -? | Print usage summary |
-p port | |
-o ssh_option |
-p and -o are simply passed through untouched along with their argument to allow one to set the port or other ssh option, respectively. -i is not specified, ssh-copy-id uses the output of ssh-add -L as keys (if it produces any output). default_ID_file is the most recent file that matches ~/.ssh/id*.pub (excluding those that match ~/.ssh/*-cert.pub), i.e. the file name returned with the following pipeline: ls -t "${HOME}"/.ssh/id*.pub 2>/dev/null | grep -v -- '-cert.pub$' | head -n 1