geir/home-lab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
home-lab/machines
History
Geir Okkenhaug Jerstad 77e6b9a501 feat: Implement two-key SSH management strategy 
- Add modules/security/ssh-keys.nix for centralized SSH key management
- Generate role-specific SSH keys with geir@geokkjer.eu email:
  - Admin key (geir@geokkjer.eu-admin) for sma user server access
  - Development key (geir@geokkjer.eu-dev) for geir user and git services
- Update SSH client config with role-based host patterns
- Configure users/geir.nix and users/sma.nix with appropriate key access
- Add SSH key setup to both machine configurations
- Create scripts/setup-ssh-keys.sh for key generation automation
- Update plan.md with completed SSH security implementation

Security benefits:
- Principle of least privilege (separate admin vs dev access)
- Limited blast radius if keys are compromised
- Clear usage patterns: ssh admin-sleeper vs ssh geir@sleeper-service.home
- Maintains compatibility with existing services during transition
2025-06-05 16:25:33 +02:00
..
congenital-optimist feat: Implement two-key SSH management strategy 2025-06-05 16:25:33 +02:00
grey-area docs: update grey-area hardware specifications 2025-06-04 16:36:06 +02:00
reverse-proxy docs: add content to reverse-proxy About.org 2025-06-04 16:36:44 +02:00
sleeper-service feat: Implement two-key SSH management strategy 2025-06-05 16:25:33 +02:00