#+title: Hosts
* [[file:../hosts/reykjavik/README.org][Reykjavik]]
* [[file:../hosts/kopavogur/README.org][Kopavogur]]
* <<new_host>> Setting up a new host
** Generate a host ssh key pair
Generate the key pair (we'll use the name `id_<host>`)
#+BEGIN_SRC bash
ssh-keygen -f id_<host>
#+END_SRC
Encrypt the private key if you want to put it in the repo:
#+begin_src bash
gpg -r marc@sastre.cat -e id_<host>
#+end_src
You can decrypt it later with:
#+begin_src bash
gpg -d id_<host>.gpg > id_<host>
#+end_src
** Add the public key to secrets.nix
In the [[file:../secrets/secrets.nix][agenix secrets file]] add the public key, and give access to the necessary secrets.
** SSH public key authentication
Setting up authentication from localhost (client) to remotehost (server). On localhost run:
#+BEGIN_SRC bash
ssh-keygen -f ~/.ssh/remotehost
ssh-copy-id -i ~/.ssh/remotehost remotehost-or-ip
#+END_SRC
We may want to edit the ssh config file to use this ssh key when connection to remotehost:
#+BEGIN_SRC
Host remotehost
  # HostName 192.168.1.105
  # Port 22
  # User user

  IdentitiesOnly yes
  IdentityFile ~/.ssh/remotehost
#+END_SRC