ssh public keys

Posted Feb 15, 2007 11:05 UTC (Thu) by dion (guest, #2764)
In reply to: Linux botnets by dd9jn
Parent article: Linux botnets

I think the reason that some (a lot of) people use passwords with ssh is that they see ssh as "telnet, only secure".

They haven't looked at authorized_keys or they think that distributing their keys is too much trouble.

I've recently moved from doing copy+paste of id_dsa.pub when needing access to using a handy little shell script (don't run it on your machine, unless you want me to access it): http://dion.swamp.dk/ssh.sh

Before doing that I some added only one of my desktop machines or maybe I didn't bother with the key setup at all and just used password login, because I rarely needed access to that particular system.

With this solution all I need to get access to a new box is to tell the administrator (well, myself most times) to run that script and I'll never need to log in with a password.

Putting your public key on your website really ought to be in every "root account for dummies"-type book.