|
|
|
@ -856,6 +856,18 @@ ssh: |
|
|
|
ssh-keygen -t ed25519 -a 100 |
|
|
|
Good ol' RSA, with 4096 bits for good measure |
|
|
|
ssh-keygen -t rsa -b 4096 -o -a 100 |
|
|
|
Restricted access for backups: |
|
|
|
Create system user with no password, give it a HOME and a group (or use a backup group) |
|
|
|
Prepend key in .ssh/authorized_keys with |
|
|
|
command="scp -f /path/to/<file|wildcard>",no-agent-forwarding,no-port-forwarding,no-pty,no-X11-forwarding ssh-rsa AAAAB[...] |
|
|
|
Setup rssh |
|
|
|
pacman -S rssh |
|
|
|
# Access bits order: rsync, rdist, cvs, sftp, scp, svnserve |
|
|
|
echo "user=<backup user>:<umask>:000010:" >> /etc/rssh.conf |
|
|
|
sudo chsh -s /usr/bin/rssh <backup user> |
|
|
|
Fix key auth: |
|
|
|
chmod 700 ~/.ssh/ |
|
|
|
chmod 600 ~/.ssh/authorized_keys |
|
|
|
|
|
|
|
Run MSVC on linux with Wine: |
|
|
|
As seen on the internet, not tested: |
|
|
|
|
lhark
5 years ago