New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Ssh keys
I was using password based authentication to connect to my linux server. Started using key based access and removed password login. I have 2 other vps which I plan to move to key based.
If for some reason I lose my private key, how can I connect to my server ang gain access? Should I keep same private key on all my servers?
Am I missing something here? Or there are key management tools available?
Please guide me. Thanks
Comments
Use provider's VNC to restore access.
You can use one private key to access all servers that have corresponding authorized public key. That's no problem
backup your private key. you should be making regular backups of your files
if worst comes to worst you can always use solusvm to get shell access to the server and change ssh config from there.
also you install the public key on the server not the private key. just saying.
With a VPS you're (probably) fine losing the key. You can VNC into the VPS via your provider like Choco said, if you can't for some reason or it isn't available some hosts will fix it for you with permission to access your server.
I generate multiple key pairs - one for each device I intend to login from (laptop, desktop, phone).
Also makes it easier to revoke if one of my keys got leaked.
Gen one keypair per machine you own : desktop, laptop, phone, tablet.
add two or more of the public keys from these to each machine you need to login to (%HOME%/.ssh/authorized_keys)
if you have disabled root access from ssh and don't have a VNC plus you lost your ssh keys to access your server. Then its a problem for you. Its better to add another user with root privileges and backup your private key at a secure place.
Hmm, nice suggestion. Thanks.
This I like. Thanks
Can I ask how does one revoke the key?
Thanks all.
Sorry, wrong term. Not really revoking it, but just removing the corresponding line in authorized_keys
Ahh, makes sense. Thnx
sshd can also do a key revocation list (
RevokedKeys
in sshd_config) if you need it.