You are viewing a single comment's thread from:

RE: How to properly setup SSH Key Authentication - If you are logging into your server with root, you are doing it wrong!

in #sysadmin6 years ago (edited)

I think a safer approach would be:

  1. Change root password
  2. Update Packages
  3. Admin Account Setup
    1. Create New User
    2. Add new user to sudo group
    3. Test login and sudo
    4. Disable root login
    5. Test ssh configuration with sshd -T
  4. SSH Key Setup
    1. Create SSH Key
    2. Install SSH Key for new user
    3. Test SSH Key authentication
    4. Disable password authentication
    5. Test ssh configuration with sshd -T
  5. Restart sshd

This breaks up Disable root login & password authentication into separate steps because it is safer. Instead of a kill switch at the end, vulnerabilities are removed in a sequence. First, a user is created and login to the user with sudo is tested and verified working. Then root logins are disabled. Next, key setup is handled along with disabling password logins.

Sort:  

I do the process in less than five minutes. If I can log in via the SSH key, I don't have to worry about the password authentication, nor do I care about it as it is being disabled.

The entire time I have failbacks:

  • root login is still enabled until the final step
  • initial root login session is still connected
  • I have tested user login with key and sudo command functionality

I see no problems doing it all at once, especially since it's done very quickly and the final test will verify everything and nothing is locked down until that is completed.

I do the process in less than five minutes.

I'm glad you can. I was making the suggestion for others that want to attempt this that find it's an easier to troubleshoot process. It's a miniscule change since this process is unchanged with the exception of disabling root sooner. It's literally one extra step and not a big one.

I agree, I just don't think the password is an issue if you are not locking things down until you verify SSH Key. The password auth is a moot point. Especially when keeping the original session open (which will persist even if you locked yourself out as long as you don't disconnect).

I guess it's just a separation of concerns.

  1. Setup Admin Account
  2. Setup Auth Key

This way if users have problems, they are isolated to what they're working. For example, if there's an issue disabling root, it can be caught early before moving on to key setup. Users aren't left wondering what went wrong.

IMHO, due to the separation of concerns, having a continuous login isn't necessary. Once sudo is setup, root login is disabled, and ssh with pw login is still working, then it's safe to have a new session and the user is able to make changes that require root access as they need.

At this point, the rest of the instructions are only related the pub/priv key auth. We are confident sudo is setup correctly with an admin account. Any problems from this point forward will be related to key setup alone.

The key to managing the setup in discrete pieces lies in disabling root sooner.

Especially when keeping the original session open (which will persist even if you locked yourself out as long as you don't disconnect).

IMHO, this is only helpful at step 1. However, once the admin account is setup, the user can connect/reconnect and execute commands as logged in as root. At some point sshd -T needs to be run to test the configruation. A typo will easily ruin your day. In one case, you run into it sooner and can assume it's not a problem with key setup. In the other case, it could be a problem with either admin user setup or key setup.