LogoLogo
  • NoPorts Documentation
  • Getting Started
  • Installation
    • Quick Start from macOS or Windows
    • Connecting from macOS
      • macOS to macOS
      • macOS to Linux
      • macOS to Windows
    • Connecting from Linux
      • Linux to macOS
      • Linux to Linux
      • Linux to Windows
    • Connecting from Windows
      • Windows to macOS
      • Windows to Linux
      • Windows to Windows
    • Cloud Installation Guides
      • Automated Installation on Amazon Web Services (AWS)
      • Automated Installation on Google Cloud Platform (GCP)
      • Automated Installation on Microsoft Azure
      • Automated Installation on Oracle Cloud Infrastructure (OCI)
    • OpenWrt Installation Guide
    • Manual Installation Guides
      • Device Installation
        • Tmux session
        • Standalone Binaries
        • Systemd Unit
        • Headless
      • Client Installation
    • Custom OS/Device Installs
      • IPFire
    • Installs at Scale
    • Upgrading NoPorts Software
      • NoPorts Client Upgrade
      • NoPorts Daemon Upgrade
    • Available Releases
  • Use Cases
    • SSH
    • SFTP
    • RDP
    • Web Server
    • SMB
    • Be your own VPN
  • Usage
    • npt Usage
    • sshnp Usage
      • Client Additional Configuration
    • sshnpd configuration
      • Daemon Additional Configuration
  • Integrations
    • OpenSSH Config
    • PuTTY config
  • Resources
    • How to activate an atSign
    • Reuse your client atSign on another machine
      • Generate a new set of cryptographic keys
    • How to name a device
    • How to generate SSH keys
    • Why activate the device atSign on the client?
  • Product Information
    • The NoPorts Philosophy
    • NoPorts Desktop Application
    • NoPorts Policy Service
    • Frequently Asked Questions
    • How It Works
    • Under The Hood
    • Sequence Diagram
  • Related Pages
    • Main Site
    • GitHub
Powered by GitBook
On this page
  • Step 1) Generate a passcode from your Old machine
  • Step 2) Make an authorization request on your New machine
  • Step 3) Approve the request on your Old machine
Edit on GitHub
Export as PDF
  1. Resources
  2. Reuse your client atSign on another machine

Generate a new set of cryptographic keys

PreviousReuse your client atSign on another machineNextHow to name a device

Last updated 15 days ago

"Old machine" is the machine that has the original set of cryptographic keys that were generated. "New machine" is the device you want the new set of cryptographic keys on.

Step 1) Generate a passcode from your Old machine

Choose the operating system that is running on your old machine.

Make sure to replace <REPLACE_client> with your client atSign

~/.local/bin/at_activate otp -a @<REPLACE_client>

1.1 Open the Windows installer program and click "Manage Keys"

1.2 Enter the atSign you wish to manage and click "Next"

1.3 Click "New OTP"

1.4 Wait a few seconds for the OTP to appear then proceed to Step 2 on the New machine

Step 2) Make an authorization request on your New machine

Choose the operating system that is running on your new machine.

Make sure to replace the appropriate values: <REPLACE_client> with your client atSign <client_device_name> with a unique name for the device <PASSCODE> with the passcode from Step 1

~/.local/bin/at_activate enroll -a @<REPLACE_client> \
  -s <PASSCODE> \
  -p noports \
  -k ~/.atsign/keys/@<REPLACE_client>_key.atKeys \
  -d <client_device_name> \
  -n "sshnp:rw,sshrvd:rw"

2.1 Open the Windows Installer and click "Generate Keys"

2.2 Enter the atSign you wish to transfer and click "Next"

2.3 Enter the OTP then press "Generate"

2.4 Proceed to Step 3. Once the request has been approved in Step 3, you should see this screen

Step 3) Approve the request on your Old machine

Choose the operating system that is running on your old machine.

Make sure to replace <client_device_name> with the device name from Step 2

~/.local/bin/at_activate approve -a @<REPLACE_client> \
  --arx noports \
  --drx <client_device_name>

If you aren't already on the "Manage Keys" screen, follow Steps 1.1 and 1.2 above.

3.1 Once step 2 is complete press refresh and the new request will appear

3.2 Approve or Deny the request

  • If the request looks incorrect, then press "Deny" to deny it, and start the process again.

  • If the request looks correct, then press "Approve" to approve it.

3.3 Once the request is approved, it should disappear from the installer, the new machine's enrollment should complete in a few seconds.