Today I Learned
I am subscribed to Cloudflare blog as they are in general really good. And definitely, you always learn something new (and want to cry because you have so much to learn from these guys).
This time was a dissection of conntrack in iptables to improve their firewall performance.
https://blog.cloudflare.com/conntrack-tales-one-thousand-and-one-flows
I never thought about the limits of the conntrack table and how important is to have in mind (or make a tattoo of) the iptables diagram:
I already use RSA ssh keys to access my VPS but a friend of mine send me a link about ED25519 public-key algorithm. But why ssh-keys? Mainly to avoid to type your password every single time.
https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54
I will not explain the maths behind because I can’t (but I would love to understand) so wikipedia can do a better work (and in the main time, think of donating a few bucks 🙂
https://en.wikipedia.org/wiki/EdDSA
If you still want to generate RSA keys (you can have both), this is my go-to link:
https://www.cyberciti.biz/faq/how-to-set-up-ssh-keys-on-linux-unix/
Summary, just in case the links disappear:
# create your key RSA or Ed25519
$ ssh-keygen -t rsa -f ~/.ssh/id_rsa4096 -b 4096 -C "user@origin"
or
$ ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "user@origin"
# Add your priv key into your ssh-agent so it is used when connecting to the destination
$ ssh-add ~/.ssh/id_xxx
# Copy your PUBLIC!!! key to the remote server you want to login with that key (and so you dont need to type a password)
$ ssh-copy-id -i .ssh/id_xxx.pub user@remove_server
# Test your new ssh-key
$ ssh -i ~/.ssh/id_xxx user@remove_server
