On 02/24/2017 06:41 PM, Erik Lane wrote: ----snip----- >> >> > Is there any reason why the public and private keys need to be different on > the different computers? (Purely out of curiosity about the technical > implementation.) It seems like you could create them on one computer and > copy paste to the relevant files to make them both the same. I don't see > any benefit to doing this, and some possible security risks, depending on > the situation, but I'm just curious.
Best practice is to have each host have its own key pair. If ssh stays on your internal network and is not connected to the internet, you can get by with a common set. With a unique set you can track logs to see if anyone tries to get in... > > I have had a couple instances where I actually needed to create the keys as > root as well. I was using rsync with sudo, (and the files were owned by a > different user for Owncloud) so I had to have root create the keys, since > that was what would be running the ssh transfer. Well, there might have > been other options, I really don't know, but setting it up that way took > care of it for me. Once I got it working I stopped looking for other ways > to do it. :) > having root do anything on the "cloud" (esp the way some distros configure sudo) is absolutely insane. Nuts. Bonkers. As computer users, we all need to be more proactive regarding security. Just look at the news (No, not about Trump: the REAL news!) to notice all the network security breaches of late. After all, we don't leave the house unlocked, do we? In the 21st Century locking down your computer is just as important, nay, more so. Your personal data is very valuable. More valuable than that new 4K TV or fancy stereo rig. Enough ranting for a Friday night! Have fun -Ed _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
