Why activate the device atSign on the client?

When you activate an atSign, you are doing a handful of steps to prepare the atSign for use. One of these steps is cutting a unique set of cryptographic keys.

The first time you activate, this set of keys that gets generated is a set of management keys. These keys have full permissions to your atServer, the personalized service which powers your atSign.

We recommend cutting the management keys on the client for a few reasons:

It's extremely important that you don't lose these keys:
1. They are less likely to get lost on your client machine than on your device.
2. If a device is stolen you still have your management keys to recover from the theft.
For each device we can issue it's own set of cryptographic keys which has a few perks:
1. This allows us to limit the permissions of those keys to the bare minimum required for NoPorts.
2. If a device gets compromised, we can safely revoke the set of cryptographic keys associated with that device, without affecting the other devices using the same atSign.

PreviousHow to generate SSH keys NextThe NoPorts Philosophy

Last updated 2 months ago