I was under the impression that the PEM file was just another public key as in SSH PubKeyAuthentication but I was completely wrong.
I didn't want to add the identity file in my ssh command each time, so I tried to do an ssh-copy-id
into my azure vm so I can directly authenticate and log in with a simple ssh user@ip
command
However, this command failed saying All keys were skipped because they already exist on the remote system.
and when I checked /etc/ssh/sshd_config
the PubKeyAuthentication line was commented out.
This led me to wonder, which line is enabling the IdentityFile/PEM key to be used to login?
Is it safe for me to enable PubKeyAuthentication on this public server?
Is PEM more secure?
CodePudding user response:
In public key authentication, client has a private key that he uses to authenticate to server's public key. There is no difference in security if you are using a private key (.ppk file) or a pem file to authenticate to your server. I guess you are seeing something like this "#PubkeyAuthentication yes" in the sshd_config file, and this does not mean that it is commented out. It is a config file and this means that public key authentication has been enforced.
In short to answer your question, SSH with PEM file is no different from Public Key authentication (PKA). In PKA, you have the private key to yourself which you use to authenticate to the server's public key. With PEM file, it is nothing but the private key itself along with certificates. So, there is actually no such difference. You can convert a pem file to a .ppk file as well.