SSH key rotation

From translatewiki.net
  1. Generate a new key in /root/keyholder. Suggested naming convention is l10n-bot-YYYY. Protect the key with a passphrase and it it to the vault
  2. Make a commit like https://gerrit.wikimedia.org/r/c/translatewiki/+/881425
  3. Manually restart and arm keyholder-agent and keyholder-proxy
  4. Confirm that it works, the order of restarting can be fiddly
  5. Replace ssh key in all forges
  6. Remove the old key
Retrieved from "https://translatewiki.net/w/i.php?title=SSH_key_rotation&oldid=11437511"