SSH: Make Remote Public Key Only

  • After getting the public key from the local machine (described on a later slide), you should edit /etc/ssh/sshd_config to disable root logins, RSA authentication (weaker encryption of key), and password authentication (otherwise we're still subjec to brute-force attacks), as described on the next slide

  • Then restart your ssh server (e.g. on Debian/Ubuntu use /etc/init.d/ssh restart)