fran/wiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
main
wiki/keys.md
Francisco Penedo Alvarez 7eeac6c3fc docs: create keys
2023-11-07 23:55:40 +01:00

1.3 KiB
Raw Permalink Blame History

title, description, published, date, tags, editor, dateCreated
title description published date tags editor dateCreated
Keys true 2023-11-07T22:55:37.899Z markdown 2023-11-07T22:55:37.899Z

SSH

Keygen

ssh-keygen -t rsa -b 4096 -C "fran@franpenedo.com"
ssh-keygen -t ed25519 -C "fran@franpenedo.com" -f ~/.ssh/key

Authorized keys

Restrict key to execute a command with agent forwarding:

command="echo foo",restrict,agent-forwarding ssh-rsa AAABBBCCC...

Agent forwarding

Spawn a new empty ssh-agent inside a subshell, then populate it with needed keys.

     (
         eval $(ssh-agent) >/dev/null
         ssh-add ~/.ssh/key
         # -A for agent forwarding
         ssh -A user@host "command"
         kill ${SSH_AGENT_PID}
     )

GPG

Keys

List keys:

gpg --list-secret-keys --keyid-format LONG
  • [E]: encrypting key
  • [S]: signing key

Export subkeys:

gpg --armor --export-secret-subkeys fran@franpenedo.com | gpg --armor --symmetric --output mykey.sec.asc

DNIe

Arch linux

Install libpkcs11-dnie and dnieremote-bin from AUR. Possibly ca-certificates-{fnmt,dnie} needed.

Firefox

Load security device /usr/lib/libdnieremotepkcs11.so. Might need to restart.

Android

Install Lector de DNIe para PC, usando el movil from CNP-FNMT.

Reference in New Issue View Git Blame Copy Permalink