Compare commits
2 Commits
920aeef7f3
...
b38390029f
| Author | SHA1 | Date | |
|---|---|---|---|
b38390029f
|
|||
|
b116ea73ec
|
46
README.md
46
README.md
@@ -64,32 +64,42 @@ find . -type d -exec chmod 755 {} \;
|
||||
|
||||
## SSH Setup
|
||||
|
||||
Generate a key (password protect it!)
|
||||
|
||||
```bash
|
||||
export REMOTE_USER=${USER}
|
||||
export REMOTE_HOST=something.com
|
||||
export REMOTE_PORT=22
|
||||
|
||||
# The following is generated by the above variables. No tweaks necessary.
|
||||
export KEY_NAME=~/.ssh/id_${REMOTE_USER}_${REMOTE_HOST}
|
||||
export KEY_COMMENT="${USER}@${HOSTNAME}:${REMOTE_USER}@${REMOTE_HOST}"
|
||||
|
||||
# Pick one of the below key types
|
||||
# ed25519
|
||||
ssh-keygen -C ${KEY_COMMENT} -f ${KEY_NAME} -t ed25519
|
||||
ssh-keygen -C ssh@ducoterra.net -t ed25519
|
||||
# rsa 4096
|
||||
ssh-keygen -C ${KEY_COMMENT} -f ${KEY_NAME} -t rsa -b 4096
|
||||
ssh-keygen -C ssh@ducoterra.net -t rsa -b 4096
|
||||
|
||||
cat <<EOF >> ~/.ssh/config
|
||||
# Inspect a key
|
||||
ssh-keygen -l -f ~/.ssh/id_rsa
|
||||
|
||||
Host ${REMOTE_HOST}
|
||||
Hostname ${REMOTE_HOST}
|
||||
IdentityFile ${KEY_NAME}
|
||||
User ${REMOTE_USER}
|
||||
Port ${REMOTE_PORT}
|
||||
EOF
|
||||
# Change the password
|
||||
ssh-keygen -p -f ~/.ssh/id_rsa
|
||||
```
|
||||
|
||||
In your ~/.ssh/config, add the following line to set the default key
|
||||
|
||||
```conf
|
||||
IdentityFile ~/.foo/identity
|
||||
```
|
||||
|
||||
Then add a host to your local computer
|
||||
|
||||
```bash
|
||||
Host <hostname>
|
||||
Hostname <host.something.com or IP address>
|
||||
User <remote user>
|
||||
Port <remote port>
|
||||
```
|
||||
|
||||
And copy the key to a remote computer
|
||||
|
||||
```bash
|
||||
# Copy the generated key to the server using password auth. Assumes password auth enabled.
|
||||
ssh-copy-id -o PubkeyAuthentication=no -i ${KEY_NAME} ${REMOTE_USER}@${REMOTE_HOST}
|
||||
ssh-copy-id -f -i ~/.ssh/id_ed25519 ${REMOTE_USER}@${REMOTE_HOST}
|
||||
|
||||
# Log into the server with your key
|
||||
ssh -i ${KEY_NAME} ${REMOTE_HOST}
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
- [Searching for GPG Keys](#searching-for-gpg-keys)
|
||||
- [Importing GPG Keys](#importing-gpg-keys)
|
||||
- [Generate GPG Keys](#generate-gpg-keys)
|
||||
- [Change Key Password](#change-key-password)
|
||||
- [Renewing GPG Keys](#renewing-gpg-keys)
|
||||
- [Export GPG Keys](#export-gpg-keys)
|
||||
- [GPG Key Servers](#gpg-key-servers)
|
||||
@@ -62,6 +63,18 @@ gpg --list-secret-keys
|
||||
gpg --edit-key <id>
|
||||
```
|
||||
|
||||
## Change Key Password
|
||||
|
||||
```bash
|
||||
# You can see all the --edit-key options with `man gpg` and search for '--edit-key'
|
||||
# You can also type "?" to see help
|
||||
gpg --edit-key 7FC1B29700114F4FC589E7065FDDCFA544D77B8C
|
||||
|
||||
> passwd
|
||||
|
||||
> quit
|
||||
```
|
||||
|
||||
## Renewing GPG Keys
|
||||
|
||||
You should set an expiration for your keys. You can extend that expiration (or
|
||||
|
||||
Reference in New Issue
Block a user