- Quick Start Guide
- Prerequisites
- Directory Structure
- Detailed Setup Instructions
- Error Resolution Guide
- FileZilla Integration
- Maintenance Procedures
- Command Reference
#Quick Start Guide
# 1. Create SSH directory
mkdir G:\01-documents\.ssh
# 2. Set permissions
icacls G:\01-documents\.ssh /inheritance:r
icacls G:\01-documents\.ssh /grant:r "$($env:USERNAME):(OI)(CI)F"
# 3. Generate key
ssh-keygen -t ed25519 -C "borgbase-backup"
# 4. Set key permissions
icacls G:\01-documents\.ssh\id_ed25519 /inheritance:r
icacls G:\01-documents\.ssh\id_ed25519 /grant:r "$($env:USERNAME):R"
#Prerequisites
- Windows 11
- powershell %} 7.5.0+
- Administrator access
- BorgBase account
#Directory Structure
G:\01-documents\.ssh\
├── id_ed25519 # Private key (600 permissions)
├── id_ed25519.pub # Public key (644 permissions)
└── config # SSH configuration file
#Detailed Setup Instructions
#1. SSH Directory Creation
# Create directory
mkdir G:\01-documents\.ssh -ErrorAction SilentlyContinue
# Verify creation
if (Test-Path G:\01-documents\.ssh) {
Write-Host "SSH directory created successfully"
} else {
Write-Error "Failed to create SSH directory"
exit 1
}
#2. Security Configuration
# Remove inheritance
icacls G:\01-documents\.ssh /inheritance:r
# Set user permissions
icacls G:\01-documents\.ssh /grant:r "$($env:USERNAME):(OI)(CI)F"
# Verify permissions
$acl = Get-Acl G:\01-documents\.ssh
if ($acl.Access.Count -eq 1) {
Write-Host "Permissions set correctly"
} else {
Write-Warning "Unexpected permission count"
}
#3. Key Generation
ssh-keygen -t ed25519 -C "borgbase-backup"
# When prompted:
# - Path: G:\01-documents\.ssh\id_ed25519
# - Passphrase: Strongly recommended
#4. Key Permission Setup
# Private key
icacls G:\01-documents\.ssh\id_ed25519 /inheritance:r
icacls G:\01-documents\.ssh\id_ed25519 /grant:r "$($env:USERNAME):R"
# Public key
icacls G:\01-documents\.ssh\id_ed25519.pub /inheritance:r
icacls G:\01-documents\.ssh\id_ed25519.pub /grant:r "$($env:USERNAME):R"
#5. SSH Configuration
$config = @"
Host borgbase
HostName fdw7g8ds.repo.borgbase.com
User fdw7g8ds
IdentityFile G:\01-documents\.ssh\id_ed25519
IdentitiesOnly yes
"@
$config | Out-File -Encoding utf8 G:\01-documents\.ssh\config
#6. BorgBase Key Upload
- Copy public key:
Get-Content G:\01-documents\.ssh\id_ed25519.pub | clip
- Web Interface Steps:
- Navigate to BorgBase SSH Keys section
- Click “Add SSH Key”
- Paste the copied key
- Label: “windows-backup-[DATE]”
- Save changes
#7. Backup Procedures
- Export Configuration:
# Create backup directory
$backupDir = "G:\01-documents\.ssh\backup-$(Get-Date -Format 'yyyyMMdd')"
mkdir $backupDir
# Backup files
Copy-Item G:\01-documents\.ssh\config $backupDir
Copy-Item G:\01-documents\.ssh\id_ed25519.pub $backupDir
- Secure Private Key:
- Use Windows BitLocker
- Or password manager’s secure notes
- Consider hardware security key
#Error Resolution Guide
#Common Errors
- Path Not Found (Exit Code 2)
# Error:
~\.ssh: The system cannot find the path specified.
# Solution:
Use absolute paths: G:\01-documents\.ssh
- Hostname Resolution (Exit Code 255)
# Error:
ssh: Could not resolve hostname borgbase
# Solutions:
- Use full hostname: ssh fdw7g8ds@fdw7g8ds.repo.borgbase.com
- Check DNS: nslookup fdw7g8ds.repo.borgbase.com
- Permission Denied
# Verify key permissions
icacls G:\01-documents\.ssh\id_ed25519
# Expected output should show only user read access
#FileZilla Integration
#Configuration Steps
- Site Manager (Ctrl+S)
- New Site Settings:
Protocol: SFTP
Host: fdw7g8ds.repo.borgbase.com
Port: 22
Logon Type: Key file
User: fdw7g8ds
Key file: G:\01-documents\.ssh\id_ed25519
#Maintenance Procedures
#Monthly Checks
- Permission Verification
# Run security audit
Get-Acl G:\01-documents\.ssh\id_ed25519 | Select-Object -ExpandProperty Access
- Connection Test
# Test SSH connection
ssh -T borgbase
- Backup Verification
# Verify backup integrity
Test-Path G:\01-documents\.ssh\backup-*
#Command Reference
| Command | Purpose | Expected Output |
|———|———-|—————-|
| icacls
| Set permissions | “Successfully processed” |
| ssh-keygen
| Generate keys | Fingerprint display |
| ssh -T
| Test connection | Connection verification |