Reorder default config file #1210
Comments
@perguth , hi. You can export the private key to the separate file with the PEM extension. Try use the following command in your unix-like system: yggdrasil -useconffile /etc/yggdrasil/yggdrasil.conf -exportkey >> /etc/yggdrasil/yggdrasil.pemThen, you can replace the PrivateKeyPath: /etc/yggdrasil/yggdrasil.pemYou can also generate a PEM file with a random private key: yggdrasil -genconf | yggdrasil -useconf -exportkey >> random-private-key.pemIn general, you can separate a configuration delivery and the key generation: cp -u /your/custom/yggdrasil.conf /etc/yggdrasil/yggdrasil.conf
if [ ! -f /etc/yggdrasil/yggdrasil.pem ]; then
yggdrasil -genconf | yggdrasil -useconf -exportkey >> /etc/yggdrasil/yggdrasil.pem
fiI think it is not difficult to make a deb/rpm package with a similar solution |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For newly created config files, move private keys to the end:
Order items from "high probability of mangling" to "purely technical"/"super secret" content.
This approach is more hackerspace-friendly. I think most ideally the private key would have its own file even. Then we could revert the main config file permissions to a more user friendly
g+r.The text was updated successfully, but these errors were encountered: