Log into droplet with ssh from 2nd, 3rd, etc. computer

July 6, 2018 574 views
Getting Started Ubuntu 18.04
3kakakhel
By:
3kakakhel

While I have basic linux and intermediate python experience, this is my first time setting up a server and the like. Despite running into roadblocks everyday, I am ecstatic about getting my droplet-website-project-system fully online!

My situation has me bouncing between a couple linux computers and a couple windows computers. So far, I used PuttyGen to make a key pair and can use it with Putty to log into my droplet from one of my windows computers. I disabled password access since that was the recommendation of the guides I used. I would like to be able to also log into my droplet from the other computers, preferably using SSH.

How would I go about doing this logging in from multiple computers? At least, as far as the windows computers go, do I put a portable copy of Putty as well as my key pair onto a USB drive and just run Putty from said USB? Is that secure? Do I keep and use a separate Putty and key pair on every computer?

P.S. I tried to login using the online console. However it just showed a black screen. The webpage said that if I see just a blank black screen then I should click on it and press any key. However, that did nothing as far as I can tell.

Log In to Comment
2 Answers
jarland MOD July 6, 2018
Accepted Answer

Hello friend!

This is one of those things where preference is going to play a heavy role. It is my experience that many people have many opinions on best practices. For me, I think the best practice is to have a unique key on each system and to add each system's public key to your droplet's /root/.ssh/authorized_keys file (one key per line). Let's say, for example, Desktop A gets a virus and you feel like the data on it isn't safe. You log into your droplet and take out just that key, ensuring that computer can no longer connect to the droplet.

Carrying one key between computers is easier though, no doubt. This is why I always say that security should be relative to the potential loss. Only you know what that means for you, but security and convenience are two scales that work against each other. The balance should be right for your needs.

As far as the console goes, try a different browser and computer for good measure. A heavy firewall on your system can prevent it from loading (certain internet security software can do this). Browser extensions can likely play a role as well.

Kind Regards,
Jarland

Reply
3kakakhel July 8, 2018

Hello!

Ah, I was supposed to pickup on the ideas that (1) I should treat each computer as a new/independent instance of running the guide to make a key pair and (2) I could add/remove line(s) to the authorized_keys file. I missed that somehow. Thanks for filling that in for me.

I have the public/private key files I made with PuTTYgen on my computer, but they seem to be plain text files. That seems insecure. The public key, I can understand. But the private key too?! Did I miss something? Can I really leave these text files on each computer?

In researching, I found this product called yubikey which looks promising for having a usb like object that keeps my private key safe. I was considering to have a portable PuTTY on a usb drive with separate private keys on each computer, but like I mentioned above, felt leaving those text files around was unsafe. Something like yubikey looks safer.

As it turns out, yes, a heavy firewall may have been the issue. I was able to use the console from a different computer. The curious thing about that was that I was able to login with my username and password even though I disabled the password login in favor of ssh login.

Kakakhel

Reply
Have another answer? Share your knowledge.

Related Questions