From b10a0824c1e024921adaca25d087c9d88f253c22 Mon Sep 17 00:00:00 2001
From: Florz <florz@florz.net>
Date: Thu, 18 Feb 2021 22:39:38 +0100
Subject: [PATCH] first part of access rights

---
 README.md | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index d3843bc..8ea9b42 100644
--- a/README.md
+++ b/README.md
@@ -38,4 +38,10 @@ and `ls -lsha ~ssh-port-forwarding/.ssh/` should look like this:
 4,0K drwx------ 2 ssh-port-forwarding nogroup 4,0K 18. Feb 22:18 .
 4,0K drwxr-xr-x 3 ssh-port-forwarding nogroup 4,0K 18. Feb 22:18 ..
    0 -rw-r--r-- 1 ssh-port-forwarding nogroup    0 18. Feb 22:18 authorized_keys
-```
\ No newline at end of file
+```
+
+### Configuring access rights
+This is all done in `/home/ssh-port-forwarding/.ssh/authorized_keys`.
+
+First use the `ssh-keygen` command to create a private and public key pair on the client side. Don't type any password! Then use `cat ~/.ssh/id_rsa.pub` to display the content of your newly created public key. After that add a new line in the `authorized_keys` file on the server. Use the following line as an example. Your key starts at `AAAA...` and this all needs to be in a single line per key.  
+`restrict,command="",port-forwarding,permitlisten="localhost:22",permitopen="localhost:22" ssh-rsa AAAA...`
\ No newline at end of file