Compare commits

2 Commits

Author SHA1 Message Date
b38390029f update README ssh notes 2025-10-22 16:57:53 -04:00
b116ea73ec add gpg change key password 2025-10-22 16:57:38 -04:00
2 changed files with 41 additions and 18 deletions

View File

@@ -64,32 +64,42 @@ find . -type d -exec chmod 755 {} \;
## SSH Setup ## SSH Setup
Generate a key (password protect it!)
```bash ```bash
export REMOTE_USER=${USER}
export REMOTE_HOST=something.com
export REMOTE_PORT=22
# The following is generated by the above variables. No tweaks necessary.
export KEY_NAME=~/.ssh/id_${REMOTE_USER}_${REMOTE_HOST}
export KEY_COMMENT="${USER}@${HOSTNAME}:${REMOTE_USER}@${REMOTE_HOST}"
# Pick one of the below key types # Pick one of the below key types
# ed25519 # ed25519
ssh-keygen -C ${KEY_COMMENT} -f ${KEY_NAME} -t ed25519 ssh-keygen -C ssh@ducoterra.net -t ed25519
# rsa 4096 # rsa 4096
ssh-keygen -C ${KEY_COMMENT} -f ${KEY_NAME} -t rsa -b 4096 ssh-keygen -C ssh@ducoterra.net -t rsa -b 4096
cat <<EOF >> ~/.ssh/config # Inspect a key
ssh-keygen -l -f ~/.ssh/id_rsa
Host ${REMOTE_HOST} # Change the password
Hostname ${REMOTE_HOST} ssh-keygen -p -f ~/.ssh/id_rsa
IdentityFile ${KEY_NAME} ```
User ${REMOTE_USER}
Port ${REMOTE_PORT}
EOF
In your ~/.ssh/config, add the following line to set the default key
```conf
IdentityFile ~/.foo/identity
```
Then add a host to your local computer
```bash
Host <hostname>
Hostname <host.something.com or IP address>
User <remote user>
Port <remote port>
```
And copy the key to a remote computer
```bash
# Copy the generated key to the server using password auth. Assumes password auth enabled. # Copy the generated key to the server using password auth. Assumes password auth enabled.
ssh-copy-id -o PubkeyAuthentication=no -i ${KEY_NAME} ${REMOTE_USER}@${REMOTE_HOST} ssh-copy-id -f -i ~/.ssh/id_ed25519 ${REMOTE_USER}@${REMOTE_HOST}
# Log into the server with your key # Log into the server with your key
ssh -i ${KEY_NAME} ${REMOTE_HOST} ssh -i ${KEY_NAME} ${REMOTE_HOST}
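Review bot: The new side drops the `export REMOTE_USER` / `REMOTE_HOST` / `KEY_NAME` block, but the last two commands of this hunk still expand `${REMOTE_USER}`, `${REMOTE_HOST}` and `${KEY_NAME}`, so as shown here `ssh -i ${KEY_NAME} ${REMOTE_HOST}` runs with empty values. Either keep the exports or switch these lines to the `<remote user>` style placeholders used in the new `Host` block. Two smaller points: the comment above `ssh-copy-id` still says password auth is used, yet `-o PubkeyAuthentication=no` was removed and `-f` was added, which skips the check for keys already installed on the server and can leave duplicate entries, so the comment should say why it is forced. The `Host <hostname>` snippet is ssh_config rather than shell, so fence it as `conf` like the `IdentityFile` snippet, and mention that an `IdentityFile` line outside any `Host` block applies to every host, where the old heredoc scoped the key to one host.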

View File

@@ -4,6 +4,7 @@
- [Searching for GPG Keys](#searching-for-gpg-keys) - [Searching for GPG Keys](#searching-for-gpg-keys)
- [Importing GPG Keys](#importing-gpg-keys) - [Importing GPG Keys](#importing-gpg-keys)
- [Generate GPG Keys](#generate-gpg-keys) - [Generate GPG Keys](#generate-gpg-keys)
- [Change Key Password](#change-key-password)
- [Renewing GPG Keys](#renewing-gpg-keys) - [Renewing GPG Keys](#renewing-gpg-keys)
- [Export GPG Keys](#export-gpg-keys) - [Export GPG Keys](#export-gpg-keys)
- [GPG Key Servers](#gpg-key-servers) - [GPG Key Servers](#gpg-key-servers)
@@ -62,6 +63,18 @@ gpg --list-secret-keys
gpg --edit-key <id> gpg --edit-key <id>
``` ```
## Change Key Password
```bash
# You can see all the --edit-key options with `man gpg` and search for '--edit-key'
# You can also type "?" to see help
gpg --edit-key 7FC1B29700114F4FC589E7065FDDCFA544D77B8C
> passwd
> quit
```
## Renewing GPG Keys ## Renewing GPG Keys
You should set an expiration for your keys. You can extend that expiration (or You should set an expiration for your keys. You can extend that expiration (or
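Review bot: In the new `bash` block, `> passwd` and `> quit` are input typed at the interactive `gpg>` prompt, not shell commands; pasted into a shell, `> passwd` is a redirection that creates or truncates a file named `passwd` in the current directory. Move them into a comment or prose, for example "at the `gpg>` prompt enter `passwd`, then `quit`". The command also hardcodes a full key fingerprint where the context line just above uses `gpg --edit-key <id>`; use the `<id>` placeholder here too so the section reads as a general recipe.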