1

I try to create Public Private key to Linux SFTP server.

  1. If I have 5 different users accessing SFTP and wondering is it possible to create key to every single users accessing from different client machines?

  2. Also is it so that all 5 keys can be generated in one workstation or is it required that keys are generated and copies (ssh-copy-id) in specific user client machine?

Thomas
  • 4,225
  • 5
  • 23
  • 28
Keke
  • 13
  • 4
  • So it is possible to have 5 different client machine and each would be used to generate keys and copy public keys? SFTP server can handle multiple public keys? – Keke May 27 '18 at 13:53
  • Is it possible to still login with username password even I copy public key to SFTP server? – Keke May 27 '18 at 15:31

1 Answers1

0

Technically speaking, it doesn't matter on which box you generate the keys.

It's possible to associate multiple keys with a user account.

And it's still possible to login with password despite having pubkey authentication available.

Now, what should you do? Set up your server to only allow pubkey authentication, lock down your server to only allow SFTP - no shell, no port/x11 forwarding, no password authentication. Then have your users transmit their public keys to you and set up pubkey login. Don't generate keys for your users, this compromises their security.

fuero
  • 9,591
  • 1
  • 35
  • 40