# Generate a new set of cryptographic keys "**Old machine**" is the machine that has the **original** set of cryptographic keys that were generated. "**New machine**" is the device you want the new set of cryptographic keys on. ### Step 1) Generate a passcode from your Old machine Choose the operating system that is running on your old machine. {% tabs %} {% tab title="MacOS/Linux" %} {% hint style="warning" %} Make sure to replace `` with your client atSign {% endhint %} ``` ~/.local/bin/at_activate otp -a @ ``` {% endtab %} {% tab title="Windows" %} #### 1.1 Open the Windows installer program and click "Manage Keys"

#### 1.2 Enter the atSign you wish to manage and click "Next"

#### 1.3 Click "New OTP"

#### 1.4 Wait a few seconds for the OTP to appear then proceed to Step 2 on the New machine

{% endtab %} {% endtabs %} ### Step 2) Make an authorization request on your New machine Choose the operating system that is running on your new machine. {% tabs %} {% tab title="Running MacOS/Linux" %} {% hint style="warning" %} Make sure to replace the appropriate values:\ `` with your client atSign\ `` with a unique name for the device\ `` with the passcode from **Step 1** {% endhint %} ``` ~/.local/bin/at_activate enroll -a @ \ -s \ -p noports \ -k ~/.atsign/keys/@_key.atKeys \ -d \ -n "sshnp:rw,sshrvd:rw" ``` {% endtab %} {% tab title="Running Windows" %} #### 2.1 Open the Windows Installer and click "Generate Keys"

#### 2.2 Enter the atSign you wish to transfer and click "Next"

#### 2.3 Enter the OTP then press "Generate"

#### 2.4 Proceed to Step 3. Once the request has been approved in Step 3, you should see this screen

{% endtab %} {% endtabs %} ### Step 3) Approve the request on your Old machine Choose the operating system that is running on your old machine. {% tabs %} {% tab title="MacOS/Linux" %} {% hint style="warning" %} Make sure to replace `` with the device name from **Step 2** {% endhint %} ``` ~/.local/bin/at_activate approve -a @ \ --arx noports \ --drx ``` {% endtab %} {% tab title="Windows" %} {% hint style="info" %} If you aren't already on the "Manage Keys" screen, follow **Steps 1.1 and 1.2** above. {% endhint %} #### 3.1 Once step 2 is complete press refresh and the new request will appear

#### 3.2 Approve or Deny the request * If the request looks incorrect, then press "Deny" to deny it, and start the process again. * If the request looks correct, then press "Approve" to approve it.

#### 3.3 Once the request is approved, it should disappear from the installer, the new machine's enrollment should complete in a few seconds.

{% endtab %} {% endtabs %}