git.lirion.de

Of git, get, and gud

aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormail_redacted_for_web 2022-07-17 15:55:39 +0200
committermail_redacted_for_web 2022-07-17 15:55:39 +0200
commit1c29bd783fd662f414c85a11894a8b7cf7e17234 (patch)
tree946cd2ec184de7a78d7c673541cdabe833a08397
parent6785e2d83ce61ff19f6d72e697c73c31181b9549 (diff)
downloaddotfiles-1c29bd783fd662f414c85a11894a8b7cf7e17234.tar.bz2
+par ssh key generation
-rw-r--r--.ssh/config.d/0000-all.conf3
1 files changed, 3 insertions, 0 deletions
diff --git a/.ssh/config.d/0000-all.conf b/.ssh/config.d/0000-all.conf
index b19eca4..df13d7c 100644
--- a/.ssh/config.d/0000-all.conf
+++ b/.ssh/config.d/0000-all.conf
@@ -20,6 +20,9 @@ ControlPath /run/user/%i/ssh/cm-%r@%h:%p
# often prone to vulnerabilities due to slow upgrading), you can re-enable this and you SHOULD do
# this ONLY for specific hosts. (Yes, this ofc also affects clients - which it did on an Arch Linux here.)
# Also see https://www.openssh.com/txt/release-8.2
+# In any case you should check whether your device understands rsa-sha2-* signature algorithms. While
+# testing this, I found out that "ssh-keygen -trsa" made my keys SHA-1 so far – you might want to change
+# that to "-t rsa-sha2-256" or whatever and check whether you can still connect to the RSA requiring hosts.
# If you have a proper naming convention for your devices, you can still easily wildcard this. If you
# don't, you either don't have many devices or you moronically did not think device names through. ;-)
# Host sophos* *-mik-*