borg: more secure known_hosts
and by "more" I mean "actually"
This commit is contained in:
parent
1095d4d3bb
commit
b496b2356a
3 changed files with 11 additions and 2 deletions
8
borg/README.md
Normal file
8
borg/README.md
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
# BorgBackup
|
||||||
|
The server is configured through `infrastructure/sigma/borg/`.
|
||||||
|
|
||||||
|
## Status
|
||||||
|
```shell
|
||||||
|
sudo systemctl status borg-daily.timer
|
||||||
|
sudo journalctl -eu borg-daily.service
|
||||||
|
```
|
1
borg/known_hosts
Normal file
1
borg/known_hosts
Normal file
|
@ -0,0 +1 @@
|
||||||
|
[borg.caspervk.net]:22222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILTAcXTN0i4BS5EEXtaHzYagbE1W7TCimbXiXamGsb7S
|
|
@ -33,8 +33,8 @@ sudo systemctl start borg-daily.timer
|
||||||
|
|
||||||
|
|
||||||
# SSH
|
# SSH
|
||||||
ssh-keyscan -t ed25519 -p 22222 borg.caspervk.net | sudo tee /root/.ssh/known_hosts # add backup server to known_hosts
|
sudo cp borg/known_hosts /root/.ssh/known_hosts
|
||||||
sudo ssh-keygen -t ed25519 || true # generate key for the root user, it's fine if it already exists
|
sudo ssh-keygen -t ed25519 || true # generate key for the root user, it's fine if it already exists
|
||||||
echo "Please add /root/.ssh/id_ed25519.pub to the servers authorized_keys"
|
echo "Please add /root/.ssh/id_ed25519.pub to the servers' authorized_keys"
|
||||||
read -p 'Press any key when done to test the connection.. (should return "PTY allocation request failed on channel 0")'
|
read -p 'Press any key when done to test the connection.. (should return "PTY allocation request failed on channel 0")'
|
||||||
sudo ssh borg@borg.caspervk.net -p 22222
|
sudo ssh borg@borg.caspervk.net -p 22222
|
||||||
|
|
Reference in a new issue