Public SSH keys for the Hackerspace servers
The authorized_keys files on Hackerspace servers are automatically populated with the SSH keys in this repository on a per server basis.
Adding a new key will grant the key owner server access. Only add a key to the servers you need access to.
For services like deployment etc. it is important to add a new key specific for the service instead of reusing an existing one.
- Generate a new SSH key using
ssh-keygen.
ssh-keygen -t ed25519 -C "[email protected]"- Use
ed25519as the key type. It is more modern thanrsa. - For the comment, include a way to contact you, phone number or email (This is not necessary for keys used for services, then a comment with the service name is enough).
- Create a new branch, commit and push your public key file in the appropriate directory for the server inside the
keysdirectory.
Typically, a public key file looks something like the following:
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINvlUIQHvVRV0D+BY51Fzf2Q/r0wxMA9JPAPFk1iQTQv [email protected]
If you see the word PRIVATE anywhere in the file(s) you are commiting, stop immediately. Private keys are like passwords and should be treated as highly confidential.
- Open a pull request and have the DevOps leadership review the addition
After your key is merged in, you should get SSH access to the respective server within a few minutes.
Note
If you are new to SSH, there is a private guide in the DevOps server documentation on GitHub.
SSH keys should be removed from the repository as soon as they are no longer in use. This especially applies to retired DevOps members.
So when a member leaves the Hackerspace, their keys should be removed.
- Create a new branch, commit and push the removal of the appropriate key file
- Open a pull request and wait for review
- Merge the key removal