I have been experimenting with various software packages in an attempt to extend my homelab out to the wild with various vps providers like caprover, yunohost, and cloudron. I like all three but they all three do not scratch the itch completely. Thus leads to my adventures in SSH public private key exhanges.
I am mostly writing this down for me and perhaps a reader if any make it to this corner of the internet. The simplest way to generate a key is with puttygen. Apparently the new hotness is EdDSA for encryption, “more secure and smaller than RSA.” Makes me wonder why that makes a difference in a world where I can spend a couple bucks and spin up a vps somewhere and using a big RSA key and a small EdDSA key seems to make no difference. Possibly, the coolest feature of the SSH key login methods is that I do not need to associate a passkey with the private keys so that I can automate file transfers for sensitive items, like certificates from certbot to different hosts, where port 80 is not available for the host challenge (like stuff in my homelab). But maybe that’s not entirely useful due to things like reverse proxy being available.
Anyways, future me, make your keys in puttygen, scp the public key to the new client and cat that into the authorized keys section. Make sure to have the right prefix like ssh-rsa or ssh-ed leading the huge string provided.
Leave a Reply