create account

RE: How to properly setup SSH Key Authentication - If you are logging into your server with root, you are doing it wrong! by r351574nc3

View this thread on: hive.blogpeakd.comecency.com

Viewing a response to: @themarkymark/re-r351574nc3-re-themarkymark-re-r351574nc3-re-themarkymark-how-to-properly-setup-ssh-key-authentication-if-you-are-logging-into-your-server-with-root-you-are-doing-it-wrong-20180706t132555992z

· @r351574nc3 ·
$0.09
I guess it's just a separation of concerns. 
1. Setup Admin Account
1. Setup Auth Key

This way if users have problems, they are isolated to what they're working. For example, if there's an issue disabling root, it can be caught early before moving on to key setup. Users aren't left wondering what went wrong.

IMHO, due to the separation of concerns, having a continuous login isn't necessary. Once `sudo` is setup, root login is disabled, and ssh with pw login is still working, then it's safe to have a new session and the user is able to make changes that require `root` access as they need.

At this point, the rest of the instructions are only related the pub/priv key auth. We are confident `sudo` is setup correctly with an admin account. Any problems from this point forward will be related to key setup alone. 

The key to managing the setup in discrete pieces lies in disabling root sooner.

> Especially when keeping the original session open (which will persist even if you locked yourself out as long as you don't disconnect).

IMHO, this is only helpful at step 1. However, once the admin account is setup, the user can connect/reconnect and execute commands as logged in as root. At some point `sshd -T` needs to be run to test the configruation. A typo will easily ruin your day.  In one case, you run into it sooner and can assume it's not a problem with key setup. In the other case, it could be a problem with either admin user setup or key setup.
👍  , ,
properties (23)
authorr351574nc3
permlinkre-themarkymark-re-r351574nc3-re-themarkymark-re-r351574nc3-re-themarkymark-how-to-properly-setup-ssh-key-authentication-if-you-are-logging-into-your-server-with-root-you-are-doing-it-wrong-20180706t135500170z
categorysysadmin
json_metadata{"tags":["sysadmin"],"app":"steemit/0.1"}
created2018-07-06 13:55:00
last_update2018-07-06 13:55:00
depth5
children0
last_payout2018-07-13 13:55:00
cashout_time1969-12-31 23:59:59
total_payout_value0.073 HBD
curator_payout_value0.021 HBD
pending_payout_value0.000 HBD
promoted0.000 HBD
body_length1,468
author_reputation169,747,269,306,049
root_title"How to properly setup SSH Key Authentication - If you are logging into your server with root, you are doing it wrong!"
beneficiaries[]
max_accepted_payout1,000,000.000 HBD
percent_hbd10,000
post_id63,661,566
net_rshares47,546,553,564
author_curate_reward""
vote details (3)