SSH public key management through ServerPilot is now available. Once a user added an SSH key to a system user, he will be able to SSH and SFTP into the server using public-key authentication. ServerPilot’s SSH key management works perfectly alongside manual SSH key management. ServerPilot also stated that it makes it easy for users to add and remove keys from system users without the risk of locking out due to SSH misconfiguration.
SSH keys and SSH authentication
Before learning what SSH keys are, first check the authentication part. Authentication helps to prove who you are. In the field of computer security, there are three ways to prove who you are:
- Something you know – Things you can remember such as a password.
- Something you have – Things in your possession, for example, a time-based code generator on your phone for two-factor authentication.
- Something you are – Biometrics such as fingerprints or retina.
An SSH key is something you have. The cryptographic principles of SSH keys are the same as with SSL/TLS keys. The keys consist of two mathematically related parts: a public key and a private key. The public key can be shared with anyone. The private key must be kept secret. This concept of a public and private key pair that can be used for both encryption and authentication is known as public-key cryptography or asymmetric cryptography.
Public key & private key
The cryptographic principles of SSH keys are the same as with SSL/TLS keys. In both methods, the keys consist of two mathematically related parts: a public key and a private key. The private key must be kept as a secret. If a system user on your server is configured with your public key, the user can log in using the private key. SSH verifies that the user has the correct private key and then logs the user in.
ServerPilot Simplifies SSH Key Management
SSH public-key authentication is a powerful way to improve security, but managing keys across many system users and servers is complicated and error-prone. ServerPilot makes it easy for its customers to add and remove keys from system users without the risk of locking the customer’s out due to SSH misconfiguration. Additionally, it is easy to see which keys have been added to a system user and, for any given key, which system users have that key enabled.