When running ssh-copy-id, the script doesn't do any checking to see if the public key already exists in the remote authorized_keys file. If the script is run multiple times (on purpose or by accident) the file not only gets cluttered but also can get quite large if key distribution is set to run via cron.
Created attachment 2317 [details] Alternate ssh-copy-id script I added the following check to to ssh-copy-id script from my Linux Mint 15 (OpenSSH 6.1p1) machine. grep -f ~/.ssh/authorized_keys > /dev/null 2>&1; ! [ -a ~/.ssh/authorized_keys ] || [ $? -ne 0 ] && (please view the attached file for context) I also verified that the modified section was the same on RHEL 6.4 (OpenSSH 5.3) and Fedora 14 (OpenSSH 5.5p1) but could not verify the file contents from the latest OpenSSH package. I am assuming the line is the same in the latest version. This test will check if the public key contents already exists in the authorized_keys file or if the authorized_keys file does not exist. If the public key is already in the file or it does not exist then the public key contents will be appended to the file (and create it if necessary).
The updated ssh-copy-id that has been included since openssh-6.2 now does check for already installed keys
Close all resolved bugs after 7.3p1 release