homelab-agents/VPS-SSH-KEY-SETUP.md

# SSH Key Setup for New VPS

Quick guide to add your SSH private key to a new VPS and configure it for Gitea.

## Step 1: Create .ssh Directory

```bash
mkdir -p ~/.ssh
```

## Step 2: Add Private Key

Get your private key from 1Password and create the file:

```bash
cat > ~/.ssh/id_ed25519 << 'KEY'
[PASTE YOUR ENTIRE PRIVATE KEY HERE - from -----BEGIN to -----END]
KEY
```

## Step 3: Set Correct Permissions

This is critical for SSH to work:

```bash
chmod 600 ~/.ssh/id_ed25519
```

This makes the key readable/writable by you only. SSH requires this for security.

## Step 4: Start SSH Agent

```bash
eval "$(ssh-agent -s)"
```

You should see: Agent pid XXXXX

## Step 5: Add Key to Agent

```bash
ssh-add ~/.ssh/id_ed25519
```

You should see: Identity added

## Step 6: Test Connection

```bash
ssh -T git@100.120.125.113
```

Should respond with authentication success message.

## Step 7: Make SSH Agent Persistent (Optional)

Add to ~/.bashrc to avoid running the agent setup every time:

```bash
if ! pgrep -u "$USER" ssh-agent > /dev/null; then
    eval "$(ssh-agent -s)" >> ~/.ssh/agent.env
fi
if [[ -f ~/.ssh/agent.env ]]; then
    source ~/.ssh/agent.env
fi
```

Then reload: source ~/.bashrc

## Permissions Explained

- chmod 600 = rw------- (read+write for owner only)
- SSH requires this for security
- Others cannot read your private key

## Troubleshooting

If still getting password prompts:
```bash
echo $SSH_AUTH_SOCK
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519
```

If "Bad permissions" error:
```bash
chmod 600 ~/.ssh/id_ed25519
chmod 700 ~/.ssh
```

## After SSH Works

```bash
bash <(curl -s http://100.120.125.113:3000/pdm/homelab-agents/raw/branch/main/scripts/bootstrap-agents.sh)
init-project my-project
```

You can now use Gitea without passwords!