Join Scott Simpson for an in-depth discussion in this video Using a key for more-secure access, part of Understanding SSH.
- View Offline
- It's common to use a cryptographic key rather than a username and password to access an SSH server. Doing so is much more secure and it can be more convenient. Key-based access requires a cryptographic key pair made up of a public key and a private key. The server will have the public key and you'll have the private key. You can generate a different key for each computer you connect from, or copy your private key to each computer you use. There are benefits and drawbacks for each choice.
If you use a separate key for each computer, there's a little bit more setup and management overhead since you'll need to generate a bunch of keys and transfer them all to the server, but if one key is compromised, you can easily remove it from the server and still have access from your other computers. If you opt to copy one private key to each computer you use, there's a little bit less setup, but if the key is compromised, you need to act quickly to generate a new key and delete the old one. How you choose to manage your keys is up to you.
Let's go through the process of generating a key pair and sending the public key to an SSH server. Then we'll connect using the private key.