Changes

Page history
Update Documentation, minor grammar changes authored by Michael Commer's avatar Michael Commer
Show whitespace changes
Inline Side-by-side
Documentation.md
View page @ 4cfb0047
...@@ -76,13 +76,13 @@ ssh-add ~/.ssh/id_ed25519 # provide private-key identity to agent ...@@ -76,13 +76,13 @@ ssh-add ~/.ssh/id_ed25519 # provide private-key identity to agent
ssh-add -l # list managed identities (should show at least one entry) ssh-add -l # list managed identities (should show at least one entry)
# Done, or keep reading below for more details # Done, or keep reading below for more details
``` ```
There is always a private (as in **private - don't share, don't give away**) and a public key in an SSH key pair. As with physical keys, one does not want to share private keys or leave copies thereof in other locations/computers. Instead, create new SSH key pairs on each host you use regularly. Let's outline a **3-step procedure** to get you "keyed-in". There is always a private (as in **private - don't share, don't give away**) and a public key in an SSH key pair. As with physical keys, one does not want to share private keys or leave copies thereof in other locations/computers. Instead, create new SSH key pairs on each frequently-used host. Let's outline a **3-step procedure** to get you "keyed-in".
#### 2.2.1 Step 1: Generate authentication keys: `ssh-keygen` #### 2.2.1 Step 1: Generate authentication keys: `ssh-keygen`
``` ```
ssh-keygen -t ed25519 -C "<YOUR NAME>" ssh-keygen -t ed25519 -C "<YOUR NAME>"
``` ```
The type of key to be generated is specified with the -t option, where we recommend the type "ed25519" for enhanced security. You can then confirm the default file location by hitting ENTER. The type of key to be generated is specified with the `-t` option, where we recommend the type "ed25519" for enhanced security. You can then confirm the default file location by hitting ENTER.
``` ```
Enter file in which to save the key (/home/<USERNAME>/.ssh/id_ed25519): Enter file in which to save the key (/home/<USERNAME>/.ssh/id_ed25519):
``` ```
...@@ -93,7 +93,7 @@ ssh-keygen -t rsa -b 4096 -C "<YOUR NAME>" ...@@ -93,7 +93,7 @@ ssh-keygen -t rsa -b 4096 -C "<YOUR NAME>"
``` ```
which will produce `~/.ssh/id_rsa` and `~/.ssh/id_rsa.pub`. Below, we keep assuming type "ed25519". which will produce `~/.ssh/id_rsa` and `~/.ssh/id_rsa.pub`. Below, we keep assuming type "ed25519".
Next you **have to** enter a passphrase. Weak passphrases present other vulnerabilities. Therefore, for your convenience, this [passphrase generator](https://www.tu-braunschweig.de/it-sicherheit/pwsec/pwgen) assists in a secure choice. Next you **have to** enter a passphrase. Empty or weak passphrases present other vulnerabilities. Therefore, for your convenience, this [passphrase generator](https://www.tu-braunschweig.de/it-sicherheit/pwsec/pwgen) assists in a secure choice.
``` ```
Enter passphrase (empty for no passphrase): Enter passphrase (empty for no passphrase):
... ...
......