update

ssh/README.md

@@ -3,13 +3,18 @@
 ### Generate SSH key pair
 
 ```console
-$ ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"
+ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "lupin@example.com"
+```
+
+#### Hardware Key
+```console
+ssh-keygen -o -a 100 -t ed25519-sk -f ~/.ssh/id_ed25519 -C "lupin@example.com"
 ```
 
 #### Change private key permissions
 
 ```console
-$ chmod 600 ~/.ssh/id_ed25519
+chmod 600 ~/.ssh/id_ed25519
 ```
 
 ### Client usage
@@ -17,7 +22,7 @@ $ chmod 600 ~/.ssh/id_ed25519
 To connect to a server, run:
 
 ```console
-$ ssh -p port user@server-address
+ssh -p port user@server-address
 ```
 
 `port` for default is `22`
@@ -25,11 +30,11 @@ $ ssh -p port user@server-address
 #### Copy SSH key
 
 ```console
-$ doas pacman -S xclip
+doas pacman -S xclip
 ```
 
 ```console
-$ xclip -sel clip < ~/.ssh/id_ed25519.pub
+xclip -sel clip < ~/.ssh/id_ed25519.pub
 ```
 
 #### Configuration
@@ -37,7 +42,7 @@ $ xclip -sel clip < ~/.ssh/id_ed25519.pub
 The client can be configured to store common options and hosts. All options can be declared globally or restricted to specific hosts. For example:
 
 ```console
-$ nano -w ~/.ssh/config
+nano -w ~/.ssh/config
 ```
 
 ```bash
@@ -53,11 +58,11 @@ Host myserver
 With such a configuration, the following commands are equivalent
 
 ```console
-$ ssh -p port user@server-address
+ssh -p port user@server-address
 ```
 
 ```console
-$ ssh myserver
+ssh myserver
 ```
 
 ### Server usage
@@ -87,7 +92,7 @@ Banner /etc/issue
 ### Copy public key to server
 
 ```console
-$ ssh-copy-id -i ~/.ssh/mykey.pub user@host
+ssh-copy-id -i ~/.ssh/mykey.pub user@host
 ```
 
 #### Securing the authorized_keys file
@@ -97,5 +102,5 @@ For additional protection, you can prevent users from adding new public keys and
 In the server, make the authorized_keys file read-only for the user and deny all other permissions:
 
 ```console
-$ chmod 400 ~/.ssh/authorized_keys
+chmod 400 ~/.ssh/authorized_keys
 ```