re: root and ssh keys

Posted March 12, 2014
Hi there, I've seen that this question has been partially answered elsewhere but hasn't quite got to the nub of it. I understand that I should not be using root and should instead use sudo. I set up the droplet with an SSH key and added a new user. The problem is that the new user now has password login. Should I be setting up an SSH key to log in with this new non-root user? Surely otherwise I'm reintroducing the same security flaw that was the reason for using SSH keys in the first place. And if I should be setting this up, how do I go about it?

2 answers
Yes, you should set up SSH keys for the new user, and disable SSH as root too.

Take a look at the following page for additional details:

In short, you need to generate an SSH key pair and copy the key to the new user's ~/.ssh/authorized_keys on your VPS.

I would advise you to use whatever login method you need for standard users, and use the SSH key defined in the DO Dashboard, as the key for root.

What I mean is, in /etc/ssh/sshd_config, set PermitRootLogin like so:
PermitRootLogin without-password

That way, you still can SSH login as root in case of emergency, whilst disallowing password-based authentication for root.
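
Added example, not part of either answer above: a POSIX shell sketch of the two steps the answers describe, installing a key for the new user and checking what sshd_config allows. The user name "deploy" and the paths are hypothetical, and the check on PasswordAuthentication (the sshd_config keyword that governs the new user's password login) is an addition the answers do not mention.

```shell
#!/bin/sh
# Added example; "deploy" and the paths in the usage lines are hypothetical.
# Usage (as root): install_pubkey /home/deploy "$(cat deploy.pub)"
#                  chown -R deploy: /home/deploy/.ssh
#                  audit_sshd /etc/ssh/sshd_config

# install_pubkey HOME_DIR PUBKEY_LINE
# Append one public key line to HOME_DIR/.ssh/authorized_keys with modes
# 700 (directory) and 600 (file). Does nothing if the key is already present.
install_pubkey() {
    home_dir=$1
    pubkey=$2
    ssh_dir="$home_dir/.ssh"
    auth_file="$ssh_dir/authorized_keys"
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth_file" && chmod 600 "$auth_file" || return 1
    grep -qxF -- "$pubkey" "$auth_file" || printf '%s\n' "$pubkey" >> "$auth_file"
}

# sshd_effective FILE KEYWORD
# Print the value of KEYWORD in FILE. Keywords are case-insensitive and the
# first uncommented occurrence wins. Prints "unset" if the keyword is absent.
# Match blocks and Include directives are not handled.
sshd_effective() {
    awk -v want="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(want) { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# audit_sshd FILE
# Return 0 only if root cannot log in with a password and password
# logins are explicitly turned off for every account.
audit_sshd() {
    rc=0
    root=$(sshd_effective "$1" PermitRootLogin)
    pass=$(sshd_effective "$1" PasswordAuthentication)
    case $root in
        no|without-password|prohibit-password|forced-commands-only) ;;
        *) echo "FAIL: PermitRootLogin is '$root'"; rc=1 ;;
    esac
    [ "$pass" = no ] || { echo "FAIL: PasswordAuthentication is '$pass'"; rc=1; }
    return $rc
}
```

On a live server, `sshd -T` prints the configuration sshd actually resolved, including defaults; confirm that key login works in a second session before turning password logins off.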