h759bkyo4/Documentation
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Revise

Browse source
This commit is contained in:
Jeremy 2022-07-31 11:19:06 +12:00 committed by Gitea
parent d5ef600ae9
commit 71e01038c5
4 changed files with 12 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
content/security/2fa.md
View file

@ -8,7 +8,7 @@ eleventyNavigation:
## Why two-factor authentication?
While it is important to have a strong password for extra security, it is a good idea to configure two-factor Authentication for your account in case your password or device ever gets compromised.
While it is important to have a strong password for extra security, it is a good idea to configure two-factor authentication for your account in case your password or device ever gets compromised.
With two-factor authentication, you will be asked for an authentication code generated using your phone in addition to your password when logging into Codeberg.

6
content/security/gpg-key.md
View file

@ -18,7 +18,7 @@ If you have your public key in an easy-to-find location, great! You can skip to
> If you are using a Linux distro, this might already be installed. Check by typing `gpg --version` in the terminal.
2. Type `gpg --list-secret-keys --keyid-format LONG` into your terminal, and it will list all the keys that you have both a public and a private key for.
3. Look through the output for a key you want. Continue to [Generating a GPG key](#generating-a-gpg-keypair) if there are none or none that you want to use. If you wish to use one, go to [adding your GPG key to Codeberg](#adding-your-public-gpg-key-to-codeberg).
3. Look through the output for a key you want. Continue to [Generating a GPG key](#generating-a-gpg-keypair) if there are none, or if there are none that you want to use. If you wish to use one, go to [adding your GPG key to Codeberg](#adding-your-public-gpg-key-to-codeberg).
> **IMPORTANT**
> Be sure that your selected key uses the same email as your Codeberg account.
@ -29,10 +29,10 @@ If you havent already, be sure to [install](https://gnupg.org/download/index.
1. Type `gpg --full-generate-key` into your terminal.
2. Type `1` and press Enter to select `RSA and RSA`.
3. Enter your desired key size; we recommend 4096 bits. Press Enter to confirm.
4. Choose the amount of time you want it to be valid for; we recommend 1-2 years for increased security, however you can type 0 for it to never expire. Press Enter to confirm.
4. Choose the amount of time you want it to be valid for; we recommend 1-2 years for increased security, but you can type 0 if you don't want it expire. Press Enter to confirm.
5. Verify your selections are correct, then type `y` and press Enter to confirm.
6. Enter your information; be sure to use the same email as your Codeberg account.
7. Type in a passphrase; make sure you write it down somewhere safe. You'll need it later to add your key to Git or revoke it if it is compromised.
7. Type in a passphrase; make sure you write it down somewhere safe. You'll need it later to add your key to Git or revoke it if it's compromised.
## Adding your public GPG key to Codeberg

11
content/security/ssh-fingerprint.md
View file

@ -8,11 +8,12 @@ eleventyNavigation:
When you connect to Codeberg via SSH, for example
[to clone or commit](/git/clone-commit-via-cli/), you need to make sure that
you're actually connected to Codeberg's servers and not someone else's,
attempting to execute a so-called [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack).
you're actually connected to Codeberg's servers and not someone else's
who's attempting to execute a so-called [man-in-the-middle attack](https://en.wikipedia.org/wiki/Man-in-the-middle_attack).
To protect you against these sort of attacks, SSH will ask you the first time
you connect to a new server, whether you want to trust that server:
To protect you against these sort of attacks,
SSH will ask you whether or not you want to trust a server the first time
you connect to it:
```bash
$ git clone git@codeberg.org:Codeberg/Documentation
@ -22,7 +23,7 @@ ECDSA key fingerprint is SHA256:T9FYDEHELhVkulEKKwge5aVhVTbqCW0MIRwAfpARs/E.
Are you sure you want to continue connecting (yes/no/[fingerprint])?
```
When connecting to Codeberg, it is important that you check the displayed fingerprint
When connecting to Codeberg, it is important that you compare the displayed fingerprint
against one of the following fingerprints published by Codeberg:
```

2
content/security/ssh-key.md
View file

@ -8,7 +8,7 @@ eleventyNavigation:
It is recommended to use one key per client. This means that if you access your Codeberg repository from your home PC, your laptop and your office PC you should generate separate keys for each machine.
## Generating an SSH key (pair)
## Generating an SSH key pair
1. Open Terminal on Linux/macOS, or Git Bash on Windows.