Want to subscribe to topics you're interested in?
Become a Member

Sysadmin Poll: SSH Passwords or Keys?

Discussion in 'System Administration' started by deltahf, Oct 24, 2016.

  1. Passwords

    1 vote(s)
    12.5%
  2. SSH Keys & Passwords

    4 vote(s)
    50.0%
  3. SSH Keys Only

    3 vote(s)
    37.5%
  1. deltahf

    deltahf Active Member

    203
    99
    28
    Jun 8, 2014
    Ratings:
    +149
    Local Time:
    5:58 AM
    How many of you use SSH passwords to access your server, and how many of you only use SSH keys? If you're using keys, have you also completely disabled SSH password access?
     
  2. Matt

    Matt Moderator Staff Member

    678
    312
    63
    May 25, 2014
    Sheffield, UK
    Ratings:
    +429
    Local Time:
    10:58 AM
    1.7.1
    MariaDB 10
    Once I've fully set up my servers, I disable password auth and only allow keys.
     
    • Informative Informative x 1
  3. eva2000

    eva2000 Administrator Staff Member

    28,935
    6,567
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,747
    Local Time:
    7:58 PM
    Nginx 1.13.x
    MariaDB 5.5
    Really depends on the web host. Before you look into ssh key only (+disable password authentication), make sure your web host is setup with features that allow you to regain access to your server if you ever loose your ssh key's private key and that you know how to use those features to regain access.

    If you don't know how to use those features, setup a test instance/VPS with that web host and test it out. If you're with web host with hourly billed VPSes like Linode, DigitalOcean, and Vultr then it is relatively cheap to test out for a few hours on a test VPS.

    Here's a example text you can use to ask your web host to be sure

    There's numerous how to use ssh key login guides online, but not many go beyond that to explain what to do if you loose your ssh private key and are unable to use password logins. And that can come down to your web host and what measures they have in place i.e. out of band console access etc and recovery ISO/cds available.
     
    Last edited: Oct 25, 2016
    • Agree Agree x 2
  4. eva2000

    eva2000 Administrator Staff Member

    28,935
    6,567
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,747
    Local Time:
    7:58 PM
    Nginx 1.13.x
    MariaDB 5.5