# key authentication



## Easy Rhino (Jul 26, 2016)

Quick poll! I finally got around to securing my remote VM by disabling password authentication and using key authentication only for SSH. Curious if others do the same.


----------



## Jetster (Jul 26, 2016)

Over my head


----------



## Kursah (Jul 26, 2016)

No, but I should be!


----------



## Solaris17 (Jul 26, 2016)

I actually recently switched to key authentication myself.


----------



## blobster21 (Jul 26, 2016)

I'm using a mix of RSA keys (for the first handshake) + an OTP code as a second authentication factor. 

I set openssh to listen on a non-standard port, with a restricted set of IPs allowed to knock at the door.

All this in raspbian, on an old B+ running 24/7


----------



## W1zzard (Jul 26, 2016)

Key authentication is the recommended method for security, reject all password logins

If you lose the key use physical or remote console (IPMI)


----------

