[Quick Links] |
Search Site

Site Details

rendered in 0.0864 secs

Captain's Log | Thursday 28th of September 2017

generate new key pair | linux security ref

update: i tried the ed25519 key, but had issues syncing from phone, as FolderSync didn't support the key type. ended up back with rsa key
check existing keys
for keyfile in ~/.ssh/id_*; do ssh-keygen -l -f "${keyfile}"; done | uniq
generate new key on CLIENT MACHINE - NOT SERVERS
ssh-keygen -t rsa -b 4096 -o -a 100
ssh into server with existing key, and update athorized_keys with new public key, no need to put pub or private key on actual server!!
update authorized_keys FOR ALL ACCOUNTS ALLOWED IN /etc/ssh/sshd_config (you must have users configured here, that's how we know which authorized_keys files to check to ensure only these accounts have access to the system)

repeat for home infrastructure (dan, prox)