From 1b78d4af89791791b68b51a72cbcf0775038108d Mon Sep 17 00:00:00 2001 From: xengineering Date: Sun, 28 Jul 2024 13:08:26 +0200 Subject: Switch to SSH keys instead of passwords This is better for automation and security (which of course is only a thing if the default key is not used). --- README.md | 3 ++- keys/craft_ed25519 | 7 +++++++ keys/craft_ed25519.pub | 1 + 3 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 keys/craft_ed25519 create mode 100644 keys/craft_ed25519.pub diff --git a/README.md b/README.md index 31ec98c..346befd 100644 --- a/README.md +++ b/README.md @@ -90,10 +90,10 @@ locale-gen echo 'LANG=en_US.UTF-8' > /etc/locale.conf echo 'craft-archlinux' > /etc/hostname mkinitcpio -P -echo 'root' | passwd -s systemctl enable NetworkManager systemctl enable chronyd sed -i 's|#PermitRootLogin prohibit-password|PermitRootLogin yes|g' /etc/ssh/sshd_config +echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFB/sCmZZ9lffCfAjbNCHRsW95/s75p5qMp+9Ch4/NPn' > /root/.ssh/authorized_keys systemctl enable sshd # bootloader installation @@ -142,5 +142,6 @@ ssh \ -p 9999 \ -o UserKnownHostsFile=/dev/null \ -o StrictHostKeyChecking=no \ + -i keys/craft_ed25519 \ root@localhost ``` diff --git a/keys/craft_ed25519 b/keys/craft_ed25519 new file mode 100644 index 0000000..30b0d7a --- /dev/null +++ b/keys/craft_ed25519 @@ -0,0 +1,7 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACBQf7ApmWfZX3wnwI2zQh0bFvef7O+aeajKfvQoePzT5wAAAJBMhIdGTISH +RgAAAAtzc2gtZWQyNTUxOQAAACBQf7ApmWfZX3wnwI2zQh0bFvef7O+aeajKfvQoePzT5w +AAAECzt9IUB697tk4kPeyJFUK8IY7chwcMcKZB2cGY3Tvgp1B/sCmZZ9lffCfAjbNCHRsW +95/s75p5qMp+9Ch4/NPnAAAADGphbkB0aGlua3BhZAE= +-----END OPENSSH PRIVATE KEY----- diff --git a/keys/craft_ed25519.pub b/keys/craft_ed25519.pub new file mode 100644 index 0000000..abc695e --- /dev/null +++ b/keys/craft_ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFB/sCmZZ9lffCfAjbNCHRsW95/s75p5qMp+9Ch4/NPn -- cgit v1.2.3-70-g09d2