LogoLogo
  • Home
  • Installation
    • Quick Start for MacOS and Windows
    • MacOS Installation Guides
      • MacOS Desktop Client Installation
      • MacOS CLI Client Installation
      • MacOS Device Installation
    • Linux Installation Guide
      • Linux Cli Client Installation
      • Linux Device Installation
    • Windows Installation Guide
      • Windows Desktop Client Installation
      • Windows CLI Client Installation
      • Windows Device Installation
    • Manual Installation Guides
      • Device installation
        • Tmux session
        • Standalone Binaries
        • Systemd Unit
        • Headless
      • Device Upgrade
      • Installs at scale
      • Client installation
      • Client Upgrade
    • OpenWrt Installation Guide
    • Custom OS/Device Installs
      • IPFire
    • Cloud Installation Guides
      • Automated Installation on Amazon Web Services (AWS)
      • Automated Installation on Google Cloud Platform (GCP)
      • Automated Installation on Microsoft Azure
      • Automated Installation on Oracle Cloud Infrastructure (OCI)
    • Available Releases
  • Installation FAQ
    • How to activate an atSign
    • Reuse your client atSign on another machine
      • Generate a new set of cryptographic keys
    • How to name a device
    • How to generate SSH keys
    • Why activate the device atSign on the client?
  • Usage
    • npt Usage
      • Additional Configuration
    • sshnp Usage
      • Client Additional Configuration
    • sshnpd configuration
      • Daemon Additional Configuration
  • Integrations
    • OpenSSH config
    • PuTTY config
  • Use Cases
    • SSH
    • SFTP
    • RDP
    • Web Server
    • SMB
    • Be your own VPN
  • Product Information
    • NoPorts Policy Service
    • FAQ
    • How It Works
    • Under The Hood
    • Sequence Diagram
  • Related Pages
    • Main Site
    • GitHub
Powered by GitBook
On this page
  • Step 1) Generate a passcode from your Old machine
  • Step 2) Make an authorization request on your New machine
  • Step 3) Approve the request on your Old machine
Edit on GitHub
Export as PDF
  1. Installation FAQ
  2. Reuse your client atSign on another machine

Generate a new set of cryptographic keys

PreviousReuse your client atSign on another machineNextHow to name a device

Last updated 1 month ago

"Old machine" is the machine that has the original set of cryptographic keys that were generated. "New machine" is the device you want the new set of cryptographic keys on.

Step 1) Generate a passcode from your Old machine

Choose the operating system that is running on your old machine.

Make sure to replace <REPLACE_client> with your client atSign

~/.local/bin/at_activate otp -a @<REPLACE_client>

1.1 Open the Windows installer program and click "Manage Keys"

1.2 Enter the atSign you wish to manage and click "Next"

1.3 Click "New OTP"

1.4 Wait a few seconds for the OTP to appear then proceed to Step 2 on the New machine

Step 2) Make an authorization request on your New machine

Choose the operating system that is running on your new machine.

Make sure to replace the appropriate values: <REPLACE_client> with your client atSign <client_device_name> with a unique name for the device <PASSCODE> with the passcode from Step 1

~/.local/bin/at_activate enroll -a @<REPLACE_client> \
  -s <PASSCODE> \
  -p noports \
  -k ~/.atsign/keys/@<REPLACE_client>_key.atKeys \
  -d <client_device_name> \
  -n "sshnp:rw,sshrvd:rw"

2.1 Open the Windows Installer and click "Generate Keys"

2.2 Enter the atSign you wish to transfer and click "Next"

2.3 Enter the OTP then press "Generate"

2.4 Proceed to Step 3. Once the request has been approved in Step 3, you should see this screen

Step 3) Approve the request on your Old machine

Choose the operating system that is running on your old machine.

Make sure to replace <client_device_name> with the device name from Step 2

~/.local/bin/at_activate approve -a @<REPLACE_client> \
  --arx noports \
  --drx <client_device_name>

If you aren't already on the "Manage Keys" screen, follow Steps 1.1 and 1.2 above.

3.1 Once step 2 is complete press refresh and the new request will appear

3.2 Approve or Deny the request

  • If the request looks incorrect, then press "Deny" to deny it, and start the process again.

  • If the request looks correct, then press "Approve" to approve it.

3.3 Once the request is approved, it should disappear from the installer, the new machine's enrollment should complete in a few seconds.