I come from a Windows management history and work within a Windows Domain. So there is a level of “ease of use” that I get out of having a separate account in the “domain admins” group within Active Directory.
So now that I’m building out a home lab, and playing with Linux more, I have a few Linux servers floating around. The means of authentication are all over the place because they were all set up at different parts of the learning process. One server uses keypair authentication, the others are just PW authentication, and all the credentials on the servers are different (naturally).
It feels disorganized, and I think it would be good to learn how to do it right. I know that the modes of management are very different, and Linux servers can become effectively disposable if done correctly.
So I guess these are my questions:
- How do you streamline authenticating to multiple servers under your control?
- Is key authentication the way to go? If so, how do you manage your keys?
- Do you make a default admin account and then make a new account for you specifically to authenticate?
Ok cool. That makes sense when it’s explained. Not that different really.
For key authentication via ssh, is the best practice to generate a key for myself and then use that on all the servers or have one key for every server? What’s the best practice for distributing / keeping track of that stuff?
Thanks again 😁
If all of those servers are yours (which they likely are, since you get ssh access), you can use one key for all. Using different keys would make one compromised key less problematic. But if someone was able to copy one file from your system, they can copy multiple files.
That resolves keeping track of things as well 😄
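For keeping track of which servers accept which key, here is an added example (not from the thread) that fingerprints every entry in a set of `authorized_keys` files and lists the hosts that trust each key, which is the list you need when a key has to be replaced. The host names and key material are constructed placeholders, and the file contents are assumed to have been collected already.

```python
import base64
import hashlib
from collections import defaultdict

KEY_TYPES = ("ssh-ed25519", "ssh-rsa", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")

def fingerprint(b64_blob):
    """SHA256 fingerprint in the form `ssh-keygen -l` prints."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Yield (fingerprint, comment) per key line; skips blanks and comments."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # Options such as no-pty may come before the key type field.
        for i, tok in enumerate(fields[:-1]):
            if tok.startswith(KEY_TYPES):
                yield fingerprint(fields[i + 1]), " ".join(fields[i + 2:])
                break

def inventory(files_by_host):
    """Map each key fingerprint to the sorted list of hosts that accept it."""
    seen = defaultdict(set)
    for host, text in files_by_host.items():
        for fp, _comment in parse_authorized_keys(text):
            seen[fp].add(host)
    return {fp: sorted(hosts) for fp, hosts in seen.items()}

def _constructed_pubkey(label):
    """Constructed, unusable ed25519-shaped public key line for the demo."""
    raw = hashlib.sha256(label.encode()).digest()  # 32 filler bytes
    blob = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + label

LAPTOP = _constructed_pubkey("me@laptop")
OLD = _constructed_pubkey("me@old-desktop")
SAMPLE = {  # constructed authorized_keys contents, keyed by made-up host name
    "web01": LAPTOP + "\n",
    "db01": "# admin keys\n" + LAPTOP + "\nno-pty " + OLD + "\n",
    "nas01": LAPTOP + "\n",
}

if __name__ == "__main__":
    for fp, hosts in inventory(SAMPLE).items():
        print(fp, "->", ", ".join(hosts))
```

A fingerprint that shows up on a host where you did not expect it, like the old desktop key on `db01` here, is an entry to review and remove.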