How to copy SSH keys when password authentication is already disabled?

3

Once you disable password authentication for SSH login, what is the way to get a new public key into the server?

Background:

I have had this issue forever and a day. I have a server set up in another building. It does not allow password logins, and keys need to be exchanged.

When I'm at home and I've got a new box set up, I can't push the public key to the server. A workaround has always been to have one computer somewhere on the network that allows password logins and leap-frog into the main server. That way I can log into server 2 to get to server 1 to add the public key from the guest.

Is the accepted and general way to walk the public key in on a physical key?

The only other way I could think of (and I'm not sure it would work, or whether users would particularly like it) would be to generate a key pair on the server and send the keys to the user (being sure to delete the private key from the server where it was issued). The main issue with this is that someone other than the user has had access to the private key.

Madivad

Posted 2017-06-05T17:15:40.750

Reputation: 173

Answers

-1

You should generally not have password access from anywhere; instead, load the key physically onto the machine. This could be via USB, a CD (which has the bonus that you know no one has meddled with it after you've written it) or, if you're really hardcore, hand-type the whole key in.

If you use the 'password access from another server' route, how do you make sure you've secured that server enough?

This is also known as 'out-of-band' communication: you don't share authentication secrets over the same communication channel you'll be using them on, as you can never be sure prior to authenticating that it is secure.

djsmiley2k TMW

Posted 2017-06-05T17:15:40.750

Reputation: 5 937

I agree 100%, it's just the issue comes up when I create a new box, reformat, etc. The server is not "easy" to access. Although in typing this, I've just realised, can I save off and keep reusing the same key on next install? – Madivad – 2017-06-05T17:30:55.413

You're a funny one. A funny paranoid one, too-long-username-to-type. How do you propose getting a key onto a server that is physically secured, where even the hoster's admins can't just waltz in and twiddle with the physical server? – Jürgen A. Erhard – 2020-01-04T11:27:28.570
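As an added illustration of the answer's point about carrying the key in physically and knowing nobody has meddled with it (example code written for this page, not from the question, the answer or OpenSSH itself): it parses an authorized_keys line read off the medium, checks that the key type embedded in the blob agrees with the text field, computes the same SHA256 fingerprint `ssh-keygen -lf` prints so it can be confirmed with the key's owner over a separate channel, and appends the key to a file kept at mode 0600 without duplicating an already installed blob. The helper `build_ed25519_line` produces constructed sample data only, and every path is an assumption for the demonstration.

```python
import base64, hashlib, os, struct

# Key types accepted from the medium; anything else is rejected rather than guessed at.
KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def parse_pubkey(line):
    """Return (type, comment, SHA256 fingerprint) for one authorized_keys line, else ValueError."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2 or parts[0] not in KEY_TYPES:
        raise ValueError("expected '<known type> <base64 blob> [comment]'")
    ktype, b64 = parts[0], parts[1]
    comment = parts[2].strip() if len(parts) == 3 else ""
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError as exc:
        raise ValueError("key blob is not valid base64") from exc
    # The wire blob starts with a length-prefixed copy of the key type; it must agree with
    # the text field, otherwise the line was mangled (or edited) somewhere in transit.
    n = struct.unpack(">I", blob[:4])[0] if len(blob) >= 4 else -1
    if n < 0 or blob[4:4 + n] != ktype.encode("ascii"):
        raise ValueError("key type inside blob does not match the text field")
    # Same value `ssh-keygen -lf` prints: base64(SHA-256(blob)) with the '=' padding removed.
    fp = "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return ktype, comment, fp

def install_pubkey(line, path):
    """Append the key unless its blob is already present, keep the file 0600, and return
    the fingerprint to read back to the key's owner over a separate channel."""
    ktype, comment, fp = parse_pubkey(line)
    blob_b64 = line.split()[1]
    existing = []
    if os.path.exists(path):
        with open(path) as f:
            existing = [l.split() for l in f if l.strip() and not l.startswith("#")]
    present = any(len(e) > 1 and e[1] == blob_b64 for e in existing)
    if not present:
        with open(path, "a") as f:
            f.write(" ".join(p for p in (ktype, blob_b64, comment) if p) + "\n")
    os.chmod(path, 0o600)
    return {"fingerprint": fp, "entries": len(existing) + (0 if present else 1),
            "mode": oct(os.stat(path).st_mode & 0o777)}

def build_ed25519_line(raw32, comment="constructed@example"):
    """Constructed sample data only: wraps 32 arbitrary bytes in ed25519 wire format."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw32
    return "ssh-ed25519 %s %s" % (base64.b64encode(blob).decode(), comment)
```

Compare the returned fingerprint with the one the key's owner reads from `ssh-keygen -lf` on their own machine before trusting the new line.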