From 7f8a7c101927aef7e69d0a742cda97fff2714662 Mon Sep 17 00:00:00 2001
From: Bo-Yi Wu <appleboy.tw@gmail.com>
Date: Sat, 30 Jul 2022 10:23:52 +0800
Subject: [PATCH] docs: add new section: Setting up a SSH Key

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
---
 README.md | 105 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 105 insertions(+)

diff --git a/README.md b/README.md
index a2d42a3..9fa93f0 100644
--- a/README.md
+++ b/README.md
@@ -66,6 +66,111 @@ SSH Proxy Setting:
 * proxy_fingerprint - fingerprint SHA256 of the host public key, default is to skip verification
 * proxy_use_insecure_cipher - include more ciphers with use_insecure_cipher (see [#15](https://github.com/appleboy/scp-action/issues/15))
 
+### Setting up a SSH Key
+
+Make sure to follow the below steps while creating SSH Keys and using them.
+The best practice is create the SSH Keys on local machine not remote machine.
+Login with username specified in Github Secrets. Generate a RSA Key-Pair:
+
+<details>
+<summary>rsa</summary>
+<p>
+
+```bash
+ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
+```
+
+</p>
+</details>
+
+<details>
+<summary>ed25519</summary>
+<p>
+
+```bash
+ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
+```
+
+</p>
+</details>
+
+Add newly generated key into Authorized keys. Read more about authorized keys [here](https://www.ssh.com/ssh/authorized_keys/).
+
+<details>
+<summary>rsa</summary>
+<p>
+
+```bash
+cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+```
+
+</p>
+</details>
+
+<details>
+<summary>ed25519</summary>
+<p>
+
+```bash
+cat .ssh/id_ed25519.pub | ssh b@B 'cat >> .ssh/authorized_keys'
+```
+
+</p>
+</details>
+
+Copy Private Key content and paste in Github Secrets.
+
+<details>
+<summary>rsa</summary>
+<p>
+
+```bash
+clip < ~/.ssh/id_rsa
+```
+
+</p>
+</details>
+
+<details>
+<summary>ed25519</summary>
+<p>
+
+```bash
+clip < ~/.ssh/id_ed25519
+```
+
+</p>
+</details>
+
+See the detail information about [SSH login without password](http://www.linuxproblem.org/art_9.html).
+
+**A note** from one of our readers: Depending on your version of SSH you might also have to do the following changes:
+
+* Put the public key in `.ssh/authorized_keys2`
+* Change the permissions of `.ssh` to 700
+* Change the permissions of `.ssh/authorized_keys2` to 640
+
+### If you are using OpenSSH
+
+If you are currently using OpenSSH and are getting the following error:
+
+```bash
+ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey]
+```
+
+Make sure that your key algorithm of choice is supported. On Ubuntu 20.04 or later you must explicitly allow the use of the ssh-rsa algorithm. Add the following line to your OpenSSH daemon file (which is either `/etc/ssh/sshd_config` or a drop-in file under 
+`/etc/ssh/sshd_config.d/`):
+
+```bash
+CASignatureAlgorithms +ssh-rsa
+```
+
+Alternatively, `ed25519` keys are accepted by default in OpenSSH. You could use this instead of rsa if needed:
+
+```bash
+ssh-keygen -t ed25519 -a 200 -C "your_email@example.com"
+```
+
 ### Example
 
 Copy file via a SSH password: