samfelag/docs/hosts.org

Hosts

• Reykjavik
• Kopavogur
• <<new_host>> Setting up a new host
  • Generate a host ssh key pair
  • Add the public key to secrets.nix
  • SSH public key authentication

Reykjavik

Kopavogur

<<new_host>> Setting up a new host

Generate a host ssh key pair

Generate the key pair (we'll use the name `id_<host>`)

ssh-keygen -f id_<host>

Encrypt the private key if you want to put it in the repo:

gpg -r marc@sastre.cat -e id_<host>

You can decrypt it later with:

gpg -d id_<host>.gpg > id_<host>

Add the public key to secrets.nix

In the agenix secrets file add the public key, and give access to the necessary secrets.

SSH public key authentication

Setting up authentication from localhost (client) to remotehost (server). On localhost run:

ssh-keygen -f ~/.ssh/remotehost
ssh-copy-id -i ~/.ssh/remotehost remotehost-or-ip

We may want to edit the ssh config file to use this ssh key when connection to remotehost:

Host remotehost
  # HostName 192.168.1.105
  # Port 22
  # User user

  IdentitiesOnly yes
  IdentityFile ~/.ssh/remotehost