ssh public keys
Posted Feb 15, 2007 11:05 UTC (Thu) by dion
In reply to: Linux botnets
Parent article: Linux botnets
I think the reason that some (a lot of) people use passwords with ssh is that they see ssh as "telnet, only secure".
They haven't looked at authorized_keys or they think that distributing their keys is too much trouble.
I've recently moved from doing copy+paste of id_dsa.pub when needing access to using a handy little shell script (don't run it on your machine, unless you want me to access it): http://dion.swamp.dk/ssh.sh
Before doing that I some added only one of my desktop machines or maybe I didn't bother with the key setup at all and just used password login, because I rarely needed access to that particular system.
With this solution all I need to get access to a new box is to tell the administrator (well, myself most times) to run that script and I'll never need to log in with a password.
Putting your public key on your website really ought to be in every "root account for dummies"-type book.
to post comments)