You can always regenerate a public key as long as you have the private key.
You ask:
If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?
No worries as long as you have your private key. Just run this command:
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub
via this method. So you might want to open it up in a text editor and manually add that.
About your other concerns.
Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.
Typically, someone would need to be able to gain access to root—or an account that has password-less sudo privileges or access to your own account on that machine—to do that. And that is not unheard of but a rare occurrence at best.
15Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data. – Ramhound – 2019-03-07T01:13:05.683
8@Ramhound: The public key is meant to be shared read only. If someone modifies it, that breaks everything. – Mooing Duck – 2019-03-07T18:43:50.463
5If somebody is modifying the public certificate then anything it encrypted can’t be decrypted by the private key. There is built-in protection to prevent the use of a key that was modified (for what purpose I can’t determine). It would serve absolutely no purpose. I am not sure I understand the purpose of modifying the public key. – Ramhound – 2019-03-07T22:11:45.163
9@Mooing Duck You don't get to choose "read-only" when you share your key. SSH keys don't have DRM (yet). – technical_difficulty – 2019-03-08T06:30:56.540
1@technical_difficulty: I was thinking of the case where a public key was uploaded to a server for distribution. If someone modifies that, you're in trouble. But reading the answers, it appears this question is more about something I understand much less. – Mooing Duck – 2019-03-08T17:46:41.503
2As others have pointed out this situation isn't really feasible in terms of an attack... I mean: you already assumes somebody has root access to your machine. The fact that you cannot SSH into it is not a real issue, at that point what you do is physically turn off the machine and wipe the disk, or destroy the VM from your admin dashboard. However we have to say that sometimes files get corrupted (if you are unlucky enough a cosmic ray might be able to do this even without any software/hardware bug). In that case yes you will probably lose access to the server. – Bakuriu – 2019-03-08T17:55:05.453
1If somebody can tamper with public keys in the
authorized_keys
file they can add themself as authorized user. If they can alter your copy of a public key they might be able to trick you in actually installing it somewhere as an authorized key. – eckes – 2019-03-10T18:14:39.4731If someone wants malicious access to your machine, I would think it would make more sense for them to add their own public key in addition to yours rather than replace your public key with theirs. In the former scenario, you know you cannot access your machine via SSH which throws a red flag. In the latter scenario, it's less likely that you'll notice anything. – DaveTheMinion – 2019-03-10T18:55:36.617