SSH... to make a key-pair or not to make a key pair
What are the security trade-offs of these approaches? As I understand it, when I type "ssh
Thanks for any help.
1 Reply
Hello!
Hopefully at some point in the past sixteen years you've found other resources to help answer this question, but in looking through our archives I discovered that your inquiry had gone unanswered! So if you haven't received any input on your question yet, I'm happy to provide some here for you. Luckily, your question, which is currently old enough to drive, is just as relevant to server security today (2020) as it was when you asked in 2003.
While you are able to log into your Linode with just a root user login and password, we strongly recommend setting up a public/private key pair, so much so that we even have a whole guide that covers how to do so. The security trade-off is that an ssh key is much harder to duplicate than a password input, and is much harder to brute force.
Further, our "Securing A Server" guide instructs users on how to eliminate password and passphrase inputs entirely, offering further protection from brute force attempts.
I hope this helped clarify the strengths of an authentication key setup, and we thank you for being such a long-standing member of the Linode community!