/
Opmantek Internal Dev Onboard New Hire Process (LATAM)

Opmantek Internal Dev Onboard New Hire Process (LATAM)

Sept 08, 2025

Generate SSH Keys


It is best practice to use a passphrase with ssh-keygen. The passphrase is used for encrypting the key, so that it cannot be used even if someone obtains the private key file.
The passphrase is only applicable to your private key, you do not have to use it every time you use ssh.

01 Create a first ssh key for general use

( to be used to ssh to Linux Servers to which you have ssh access )

cd ~/.ssh
ssh-keygen -t rsa -f id_rsa
cat id_rsa.pub
cd ~
# Then use id_rsa.pub

# Add the new key to your keychain:
ssh-add ~/.ssh/id_rsa


02 Create a new ssh key for git

This key was used by gitolite, now used by BitBucket.

Only needed by opDev for software development.

( With regards to git, please read /wiki/spaces/opDev/pages/3164721901 )

cd ~/.ssh
ssh-keygen -t rsa -f id_rsa_git
cat id_rsa_git.pub
cd ~
# Then use id_rsa_git.pub
 
# Add the new key to your keychain:
ssh-add ~/.ssh/id_rsa_git


03 Generate Hashed Password for sudo

( to be used as your User Password for Linux Servers to which you have 'sudo -i' access )


For Debian/Ubuntu Linux

    mkpasswd --method=sha512crypt MyInsecurePassword


For Apple iOS and RHEL/Centos/Rocky Linux and Windows with Git Bash

There is not a single standard mkpasswd that is the same on all distributions of Linux.
Debian/Ubuntu have a mkpasswd that takes a password and creates a hash
RHEL/Centos/Rocky have a mkpasswd that generates a random password, not a hash.

The best solution I have found for Linux and Git Bash is to use openssl.

john.sinclair@John-S-AsusVivoBook MINGW64 $ openssl passwd -6 MyInsecurePassword
$6$Nf.BPObbtBtVefds$E51cbF6rfNkCc3f.CDk64/yJ8DR9Zm0IRAIUHeqYgZnO.clHg0RzdlG56YphfKnXG/GLDidKbndAWlUy4KlII0

john.sinclair@John-S-AsusVivoBook MINGW64 $

04 Generate htpasswd hash for NMIS

( to be used as your NMIS password on Opmantek Development Servers in users.dat )

Your NMIS username is your Opmantek username, which is your firstname and the initial of your surname. eg for Fred Bloggs it would be fredb

For Linux

    htpasswd -n yourUserName
    New password:
    Re-type new password:
    yourUserName: $apr1$XLrUJO0f$NpKHUp7DJ4hsut2QSysqy.


For Windows with Git Bash

    openssl passwd -apr1 yourNmisPassword
    $apr1$2UMoiuM5$FDm7PZw5ySx4JGeFKMgbz1

Please forward the applicable public SSH key(s) and the two generated password hashes (indicating which is which) to john.sinclair@firstwavecloud.com so that the necessary access to Opmantek resources can be completed.