AGE - Encrypt Files with SSH Keys

Stumbled upon something that I’ve missed for a long time: encrypting files with the ssh public key :) Source Install Package OpenBSD (and most others *nix systems) got a package for age. Just install it. doas pkg_add age Asymmetric Encryption Asymmetric Encryption encrypts and decrypts the data using two separate yet mathematically connected cryptographic keys. These keys are known as a ‘Public Key’ and a ‘Private Key’. Together, they’re called a ‘Public and Private Key Pair’


i like to run honeypots … ok, to be honest, it’s not a honeypot. It’s a productive maschine for me, but all the bots trying to get in get’s redirected to a Honeypot, the credentials were captured and last but not least, you can watch them live in your browser :) btw. 100k failed login attempts in 10 Day … have fun ! sha256: 8ae49e2283f894d5ab59ec16309f4f1d4aa547c0fd90705f969bae0d20d3b6f2

SSH Server behind Firewall

got a Server behing NAT / Firewall ? Need Shell access to … ? Server behind NAT/FW user@server$ ssh -R 1234:localhost:22 my.public.jumpbox Access Server ssh my.public.jumpbox user@jumpbox$ ssh -p 1234 localhost user@server$ and you’re in :) sha256: 81b4dc1d84f9f8bcbf5060f382853759fffa1e5824e2ae98ad5508a082db5dfd


like ssh and secure keys ? Generate Secure Key ssh-keygen -o -a 100 -t ed25519 -C "MyFamousComment" ssh-keygen -o -a 100 -t ed25519 -C "`whoami` `hostname`" ssh-keygen -o -a 100 -t ed25519 -C "`whoami` `hostname` `date \"+%Y-%m-%d\"`" ssh-keygen -o -a 100 -t ed25519 -C "`whoami` `hostname` `date \"+%Y-%m-%d %H:%M\"`" What’s ed25519 ? Wikipedia about Curve25519 Distribute Key ssh-copy-id user@remote-server-ip-or-dns-name Connect to Remote Connect to Remove without Agent Forwarding (use this unless you know what you’re dooing …)