EC2 INFRASTRUCTURE KEYS
Generated: May 8, 2026
EC2 Instance: 3.25.129.223 (Sydney, ap-southeast-2)

=== SSH KEYS ===

ec2-ssh-main.key (PRIVATE)
- Main EC2 access key
- Used for: Direct SSH to EC2 instance, general operations
- Type: Ed25519
- Passphrase: None (unencrypted)
- Usage: ssh -i ec2-ssh-main.key ubuntu@3.25.129.223

ec2-ssh-main.pub (PUBLIC)
- Public key corresponding to above
- Reference only (for adding to authorized_keys if needed)

ec2-ssh-github.key (PRIVATE)
- GitHub deploy key
- Used for: Git pull operations from private repos
- Type: Ed25519
- Configured in ~/.ssh/config as IdentityFile for github.com
- Usage: Automatically used by git when pulling from GitHub

ec2-ssh-github.pub (PUBLIC)
- Public key for GitHub
- Should be added to GitHub repo deploy keys if regenerating access

=== AWS CREDENTIALS ===

aws-credentials.txt
- AWS Access Key ID and Secret Access Key
- Used for: S3 backup uploads (nightly database dumps)
- Permissions: Limited to S3 bucket access only
- Never commit to public repos
- Rotate regularly for security

=== SECURITY NOTES ===

1. These files contain production secrets
2. Encrypt them immediately upon download (password manager, KeePass, etc.)
3. Do NOT commit to version control
4. Do NOT share over unencrypted channels
5. Do NOT store plaintext on non-encrypted drives
6. Rotate AWS credentials every 90 days
7. Consider using SSH agent instead of storing plaintext keys

=== MIGRATION STEPS ===

If migrating to new hosting:
1. Use ec2-ssh-main.key to backup data from current instance
2. Add ec2-ssh-github.key to new instance ~/.ssh/
3. Update ~/.aws/credentials on new instance
4. Verify access: git clone via GitHub should work
5. Verify backups: aws s3 ls should list backup bucket
6. Verify EC2 access: ssh ubuntu@new-ip-address

=== TO USE THESE KEYS ===

Linux/Mac:
  chmod 600 ec2-ssh-*.key
  ssh -i ec2-ssh-main.key ubuntu@3.25.129.223

Windows (PuTTY):
  Convert keys using PuTTYgen:
  File > Load Private Key > ec2-ssh-main.key
  Conversions > Export OpenSSH Key
  
(Note: These are Ed25519 keys, not RSA. PuTTYgen handles both.)

=== FILES INCLUDED ===

- ec2-ssh-main.key (PRIVATE - EC2 access)
- ec2-ssh-main.pub (PUBLIC - reference)
- ec2-ssh-github.key (PRIVATE - GitHub deploy)
- ec2-ssh-github.pub (PUBLIC - reference)
- aws-credentials.txt (AWS S3 access)
- README.txt (this file)

DELETE AFTER SECURING:
Once you've imported these keys into your password manager/vault,
delete this directory entirely. Do not leave plaintext keys on disk.

Generated: 2026-05-08
