Ubuntu – How to give ssh access to trusted friend

Securityssh

I've got a friend that I trust enough to give ssh access to one of my servers. To this end, I've created a user account for him.

The box is accessible by key authentication only, not passwords. I've created a private key for that account, but if I send it to him over email, we kinda lose the point of the strong(er) security

What's the best way of giving him access to this account without having to resort back to password authentication?

Additional difficulties : he's on a Windows box, but easy enough to install PuTTY

Best Answer

Your problem is you are doing it backwards. Your friend is to generate his key and send you his id_rsa.pub. His private key is only for him. That's what makes it private. Once anyone but you has access to your private key it's compromised and you need to generate a new pair.

Your friend can create his key pair in windows with puttygen.exe. Once that is done he can send you his id_rsa.pub and you simply place it in ~friend/.ssh/authorized_keys

Related Question