From 6975c074bb8308beaf39e0c9f4d4a460dc8a9253 Mon Sep 17 00:00:00 2001
From: jebba <root@localhost>
Date: Fri, 4 Feb 2022 17:15:31 -0700
Subject: [PATCH] rw ssh keys

---
 README.md | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/README.md b/README.md
index abb16e9..1b96945 100644
--- a/README.md
+++ b/README.md
@@ -112,6 +112,24 @@ from="10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABA
 ```
 
 
+Other keys of note. The `/data` dir is read-write, but `/etc` is read-only.
+So it looks like it is doing an overlay with `rw` data from here, for
+example with the SSH keys:
+
+```
+root@tici:~# ls -l /data/etc/ssh/
+total 32
+-rw------- 1 root root 1385 Feb  4 23:52 ssh_host_dsa_key
+-rw-r--r-- 1 root root  599 Feb  4 23:52 ssh_host_dsa_key.pub
+-rw------- 1 root root  505 Feb  4 23:52 ssh_host_ecdsa_key
+-rw-r--r-- 1 root root  171 Feb  4 23:52 ssh_host_ecdsa_key.pub
+-rw------- 1 root root  399 Feb  4 23:52 ssh_host_ed25519_key
+-rw-r--r-- 1 root root   91 Feb  4 23:52 ssh_host_ed25519_key.pub
+-rw------- 1 root root 2590 Feb  4 23:52 ssh_host_rsa_key
+-rw-r--r-- 1 root root  563 Feb  4 23:52 ssh_host_rsa_key.pub
+```
+
+
 Another way to do this would be to hijack DNS on your own wifi to intercept
 the Comma Three's connection to github, then redirect the connection to
 your own server. It depends if it barfs on the SSL or not.