From 3a620a3abb799e9ba6296d96e53fad5df6ddbc4e Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Tue, 11 May 2021 09:22:33 +0300
Subject: [PATCH] Move all SSH keys back to ~/.ssh.

Another step in avoiding secrets in cleartext in Nextcloud. Although the
whole drive in the Nextcloud host is encrypted, I find it better to not
have them in cleartext there (in case they ever find an issue with
Nextcloud itself).
---
 .ssh/config.d/20_github        |  2 +-
 .ssh/config.d/20_gitlab_fdo    |  2 +-
 .ssh/config.d/20_gitlab_toptal |  2 +-
 .ssh/config.d/20_shore         |  8 ++++----
 Makefile                       | 28 ++--------------------------
 5 files changed, 9 insertions(+), 33 deletions(-)

diff --git a/.ssh/config.d/20_github b/.ssh/config.d/20_github
index eb0b6b7..74252a5 100644
--- a/.ssh/config.d/20_github
+++ b/.ssh/config.d/20_github
@@ -4,4 +4,4 @@
 
 Host github.com
 User git
-IdentityFile ~/Documents/github_ed25519
+IdentityFile ~/.ssh/github_ed25519
diff --git a/.ssh/config.d/20_gitlab_fdo b/.ssh/config.d/20_gitlab_fdo
index 006a7de..834ef6d 100644
--- a/.ssh/config.d/20_gitlab_fdo
+++ b/.ssh/config.d/20_gitlab_fdo
@@ -4,5 +4,5 @@
 
 Host gitlab.freedesktop.org
 User git
-IdentityFile ~/Documents/gitlab_fdo
+IdentityFile ~/.ssh/gitlab_fdo
 
diff --git a/.ssh/config.d/20_gitlab_toptal b/.ssh/config.d/20_gitlab_toptal
index 3b3b0af..76e919b 100644
--- a/.ssh/config.d/20_gitlab_toptal
+++ b/.ssh/config.d/20_gitlab_toptal
@@ -4,5 +4,5 @@
 
 Host git.toptal.com
 User git
-IdentityFile ~/Documents/TopTal/gitlab_toptal
+IdentityFile ~/.ssh/gitlab_toptal
 
diff --git a/.ssh/config.d/20_shore b/.ssh/config.d/20_shore
index d02fe27..ae42049 100644
--- a/.ssh/config.d/20_shore
+++ b/.ssh/config.d/20_shore
@@ -9,12 +9,12 @@ Host host01.shore.co.il ns4.shore.co.il
 LocalForward 9090 localhost:9090
 
 Host ea6350.shore.co.il
-IdentityFile ~/Documents/Shore/shore_rsa
+IdentityFile ~/.ssh/shore_rsa
 User root
 LocalForward 8080 localhost:80
 
 Host git.shore.co.il
-IdentityFile ~/Documents/Shore/gitlab_ed25519
+IdentityFile ~/.ssh/gitlab_ed25519
 HostName host01.shore.co.il
 Port 2222
 
@@ -27,6 +27,6 @@ LocalForward 8080 localhost:8080
 Port 2222
 
 Host *.shore.co.il 192.168.3.*
-IdentityFile ~/Documents/Shore/shore_ecdsa
-IdentityFile ~/Documents/Shore/shore_ed25519
+IdentityFile ~/.ssh/shore_ecdsa
+IdentityFile ~/.ssh/shore_ed25519
 User nimrod
diff --git a/Makefile b/Makefile
index b466d7a..bafd2b7 100644
--- a/Makefile
+++ b/Makefile
@@ -12,7 +12,7 @@ ansible-local = ansible localhost -c local -i localhost, -e "ansible_python_inte
 
 all: binaries vendored generated
 vendored: .config/pythonrc.py .bash_completion.d/aws .bash_completion.d/docker-compose .bash_completion.d/docker-machine.bash .bash_completion.d/docker-machine.bash .bash_completion.d/molecule Documents/bin/rabbitmqadmin
-generated: .ssh/config .bash_completion.d/helm .bash_completion.d/kops .bash_completion.d/kubectl .bash_completion.d/kompose .bash_completion.d/minikube .bash_completion.d/pipenv .bash_completion.d/pandoc .bash_completion.d/skaffold .bash_completion.d/rabbitmqadmin .ssh/localhost .ssh/localhost.pub .ssh/authorized_keys .bash_completion.d/minishift .bash_completion.d/oc .bash_completion.d/poetry .bashrc.private Documents/github_ed25519 Documents/gitlab_fdo Documents/TopTal/gitlab_toptal Documents/Shore/shore_rsa Documents/Shore/gitlab_ed25519 Documents/Shore/shore_ecdsa Documents/Shore/shore_ed25519
+generated: .ssh/config .bash_completion.d/helm .bash_completion.d/kops .bash_completion.d/kubectl .bash_completion.d/kompose .bash_completion.d/minikube .bash_completion.d/pipenv .bash_completion.d/pandoc .bash_completion.d/skaffold .bash_completion.d/rabbitmqadmin .ssh/localhost .ssh/localhost.pub .ssh/authorized_keys .bash_completion.d/minishift .bash_completion.d/oc .bash_completion.d/poetry .bashrc.private .ssh/github_ed25519 .ssh/gitlab_fdo .ssh/gitlab_toptal .ssh/shore_rsa .ssh/gitlab_ed25519 .ssh/shore_ecdsa .ssh/shore_ed25519
 binaries: $(DESTDIR)/share/bfg/bfg.jar $(DESTDIR)/bin/rke $(DESTDIR)/bin/docker-machine $(DESTDIR)/bin/packer $(DESTDIR)/bin/terraform $(DESTDIR)/bin/vault $(DESTDIR)/bin/kubectl $(DESTDIR)/bin/kops $(DESTDIR)/bin/kompose $(DESTDIR)/bin/minikube $(DESTDIR)/bin/docker-machine-driver-kvm2 $(DESTDIR)/bin/kustomize $(DESTDIR)/bin/pack $(DESTDIR)/bin/skaffold $(DESTDIR)/bin/minishift $(DESTDIR)/bin/oc $(DESTDIR)/bin/docker-machine-driver-kvm $(DESTDIR)/bin/gomplate $(DESTDIR)/bin/envconsul $(DESTDIR)/bin/helm $(DESTDIR)/bin/hugo
 
 
@@ -223,30 +223,6 @@ Documents/bin/rabbitmqadmin:
 .bashrc.private: Documents/Database.kdbx
 	echo "export GITLAB_TOKEN='$$(ph show --field Password 'shore.co.il/GitLab token')'" > '$@'
 
-Documents/github_ed25519: Documents/Database.kdbx
-	ph show --field Notes "SSH/$$(basename "$@")" > '$@'
-	chmod 600 '$@'
-
-Documents/gitlab_fdo: Documents/Database.kdbx
-	ph show --field Notes "SSH/$$(basename "$@")" > '$@'
-	chmod 600 '$@'
-
-Documents/TopTal/gitlab_toptal: Documents/Database.kdbx
-	ph show --field Notes "SSH/$$(basename "$@")" > '$@'
-	chmod 600 '$@'
-
-Documents/Shore/shore_rsa: Documents/Database.kdbx
-	ph show --field Notes "SSH/$$(basename "$@")" > '$@'
-	chmod 600 '$@'
-
-Documents/Shore/gitlab_ed25519: Documents/Database.kdbx
-	ph show --field Notes "SSH/$$(basename "$@")" > '$@'
-	chmod 600 '$@'
-
-Documents/Shore/shore_ecdsa: Documents/Database.kdbx
-	ph show --field Notes "SSH/$$(basename "$@")" > '$@'
-	chmod 600 '$@'
-
-Documents/Shore/shore_ed25519: Documents/Database.kdbx
+.ssh/%: Documents/Database.kdbx
 	ph show --field Notes "SSH/$$(basename "$@")" > '$@'
 	chmod 600 '$@'
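Review bot: The new `.ssh/%` pattern rule matches every target under `.ssh/`, not only the seven key files, so `.ssh/config`, `.ssh/localhost`, `.ssh/localhost.pub` or `.ssh/authorized_keys` (all listed under `generated`) would be filled from the `SSH/<basename>` database entry if any of them lacks its own recipe; their rules are outside this hunk, so this is unconfirmed. A static pattern rule keeps the recipe scoped to the keys: define `ssh_keys := .ssh/github_ed25519 .ssh/gitlab_fdo …` and write the header as `$(ssh_keys): .ssh/%: Documents/Database.kdbx`. Separately, the redirect creates the key file under the current umask and only afterwards runs `chmod 600`, so starting the recipe line with `umask 077 &&` would make the file private from the moment it is created. A failed `ph show` also leaves an empty file that is newer than the database, which make will treat as up to date unless `.DELETE_ON_ERROR:` is set elsewhere in the Makefile.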
-- 
GitLab