Introducing DigitalOcean Functions: A powerful, serverless compute solution

Related

My website is unresponsive! What do I do?
Question
Attempting to run a bash script via user-data on creation isn't working and no logs
Question

Question

ssh login key question ..............

So, I add ssh key, good. I can log in through ssh @root without password, great.

I keep reading about disabling root login for security, is this if you were not to set up an ssh key.? If i disable root login, then my whole ssh key would be worthless correct,.? I can create a second sudo account, disable root, but this second account would not be using the key, just the password I gave that account…

Is this correct.?

How do you all have accounts set up with ssh keys.?

Thank you, Fidel

Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

micalmJanuary 11, 2016

From man sshd_config:

 PermitRootLogin
             Specifies whether root can log in using ssh(1).  The argument must be “yes”, “without-password”, “forced-commands-only”, or “no”.  The default is “yes”.

             If this option is set to “without-password”, password authentication is disabled for root.

             If this option is set to “forced-commands-only”, root login with public key authentication will be allowed, but only if the command option has been specified (which may be useful for tak‐
             ing remote backups even if root login is normally not allowed).  All other authentication methods are disabled for root.

             If this option is set to “no”, root is not allowed to log in.

You should not mistake permitting normal root login and root login through ssh. As above, authentication via password via key are two different things, and do not affect each other.

If you set PermitRootLogin without-password in your SSH server config, you will be able to log in only via the key and not the password. Hovewer, most server admins do set up a separate account with sudo access and disable root login completely (PermitRootLogin no).

Join the DigitalOcean CommunityCommunity

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner

Related

My website is unresponsive! What do I do?
Question
Attempting to run a bash script via user-data on creation isn't working and no logs
Question
Join the DigitalOcean CommunityCommunity

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner