Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

What's the recommended way in 2019 for setting up ssh keys and authorized hosts on boot?

Featured Replies

I've found all sorts of threads on how to best setup SSH keys and authorized_keys files on each boot since they are blown away each time.  I'm trying to see if there is a single best approach that's recommended now in 2019 that's easy to setup and maintain.

 

Right now what I'm doing is to have my keys and authorized_keys files in /boot/config/ssh/, and in the /boot/config/go file, I copy the files to ~/.ssh/. I use umask in the bash script like follows to handle the permissioning:

#!/bin/bash

# umask setup
umask 077

# Variable Setup
CONFIG=/boot/config/ssh
HOME_SSH=/root/.ssh

if [ ! -d "$HOME_SSH" ]; then
    mkdir $HOME_SSH
    cp $CONFIG/authorized_keys $HOME_SSH
    cp $CONFIG/known_hosts $HOME_SSH
fi

The one flaw in this is that as my server is running 24x7 like most of you, if I ever make changes to my ssh keys, authorized_keys or known_hosts, I have to remember to make changes in /boot/config/ssh then copy the files to ~/.ssh/.

 

What I was thinking would be better was to instead of copy then, make symbolic links to my master files in /boot/config/ssh from ~/.ssh/.  Then I only every update one spot.

 

I read some other threads using the /etc/ssh/ directory with some confusing comments about something that happens on boot where keys are copied from /boot/config/ssh automatically to /etc/ssh.  If the keys are present in /etc/ssh and the system uses those automatically, then do i even need keys in ~/.ssh?  Confusing...

 

this is where you all come in. There has got to be a small # of ways that are best in terms of ease to setup, and ease to maintain as keys are changed etc.

 

 

 

I'm also interested to know the best way to do this.  It's a problem I've been meaning to solve for months!  It's just so hard to remember to do it when I almost never reboot my unRAID host.

 

For now I'm stealing your idea unless there is a better way! 

  • 2 weeks later...
  • Author

No one has guidance?

this works for the SSH keys by adding to the /boot/config/go file, where foo is the key

 

mkdir ~/.ssh
echo 'foo' > ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys && chmod 644 ~/.ssh

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.