How To Generate Ed25519 SSH Keys, Install Them, and Configure Secure Passwordless Authentication

Thank you for taking the time to share your hard earned knowledge. Much appreciated.

ddstutorials

Omg I looked through so many articles and videos before I landed on your video. And your video was the only one that showed a straight forward method; thank you!

Icymaiden

PermitRootLogin may default to 'yes', so leaving it commented out or removing the entry entirely leaves it at default, ie; 'yes'. It mentions this at the top of the sshd_config, although I believe Ubuntu (and probably some others) modify this on install. In either case it's best to explicitly set it to 'no' to disable it.

jasonrm

I suppose to most this is basic, but this video finally made key authentication click for me. Read several text guides but none covered it quite as well. Thanks!
I am setting up a VPS to run some services and trying to make it as secure as I can.

willrunfun

Jumpbox tutorial please! I’m definitely interested in doing this :)

ShaneAJM

"Control + L" is faster for clearing the screen than just "clear"

mondskiez

Thank you for this video!

Could you please do a guide on SSH CA authorization? Maybe even using Hashicorps Vault for SSH-CA management and signing?

diffiq

extra tip, if you are using a VPS provider, you can use their firewall to limit ssh access to your IP only.

abdraoufx

This is fantastic timing. I had just been trying to learn more about SSH keys and searched your channel this week to see if you had a video on it.

Thanks again for more great educational content.

charlescc

Hi Tom, maybe for a follow up video explain about ssh keyfingerprints. In an enterprise setting you can end up with hundreds of keys associated with one SFTP/SSH account. You can up the logging of ssh on the server and then review the logs to identify exactly which SSH keys are being used. Then using -lf to determine those keys to do not meet current Corp security expectations like those using 512 bit DSA.

bwhite

Please do more videos on keys! A local server hosting keys for multiple people sounds super useful. Would be good to know how you make that secure too. I use keys but I don't 100% know the best way to use them. Do you create the key on your server or personal laptop and do you send the public or private key and can you use that key for multiple servers? And how do you manage multiple keys for multiple people on a single server?

hawks

The -a has nothing to do with key generation randomness. It's only the iterations for the password derivation. If you don't use a password, you don't need -a

berndeckenfels

Yes, I am currently replacing my ssh keys with ed25519, just started this week, been stalling it for some good two years now..

svettnabb

A tutorial on the correct way to manage creeds in scripts would be great!

iandawson

SSH keys help me sleep at night. knowing that my all my Redhat servers 1400 miles away are doing the rsync file transfers at 2 AM. like they are suppose to do.

jeffherdzina

Nice tutorial. Wish for more if you could please. 🌺

MichealG

It's there a benefit to doing file encryption with Ed25519 keys vs 4096 RSA keys for file encryption?

TheBlueThird

hi i have setup a PBX server with key and use sshfs but when mounted the directory only has these privileges (drwxrwxr-x) but I cannot delete or copy or create how do I sort this please

johnwatson

I'm sure somone asked this and sorry for the repeat. But if the private keep can be viewed in a file on your computer "id_ed25519" then the private keep is at risk of being viewed or copied. Is this why you suggest to encrypt the folder?

angelalita

when i want to generate the public key it says " 'cat' is not recognized as an internal or external command,
operable program or batch file." how do i fix this?

decayingskulls