ssh server concern changing distro

arvygasp

New Member
Credits
68
Good day!

I am currently running Ubuntu distro and I would like to change it. No problem there, I can do that.

What I am concerned about is my remote website server that I have.

I have followed a tutorial creating it, protecting it with shh key, removing the need to type password every time when I am accessing it through the terminal as [email protected].

I assume that since my machine has the private key and I gave my server the public key, they can communicate this way easily without the password that my remote server has provided me. That is handy, yes.

BUT what if I change distro, clean all the partitions before doing so and then, in my new distro I will try to access my remote server. I HOPE it will ask me for the password that the server provided me and NOT the ssh key that I have generated on my previous distro.

1. Should I prepare for that and save my private key somewhere somehow and then in the newly installed distro paste in the system so the server recognizes it?
2. Should I not worry and try to connect to the server on my new distro and then set up a new ssh key?
3. something else?

Looking forward for a reply!

I am 26 and its the first time in my life I am using a FORUM. Linux has forced me to look for various unanswered solutions on the web, since there is no one around me using Linux, I think being a member of a Linux forum will prove to be useful along the way :)

Arvygasp
 


f33dm3bits

Gold Member
Gold Supporter
Credits
15,054
It sounds like you are wanting to reinstall your desktop running Ubuntu which has sshkeys setup to be able to connect to your remote webserver. If that is the situation than all you have to do is make a backup of the ssh directory of the user you are connecting from on your desktop machine, most likely that is your current logged in user so that would be $HOME/.ssh
 
Last edited:

arvygasp

New Member
Credits
68
It sounds like you are wanting to reinstall your desktop running Ubuntu which has sshkeys setup to be able to connect to your remote webserver. If that is the situation than all you have to do is make a backup of the ssh directory of the user you are connecting from, most likely that is your current logged in user so that would be $HOME/.ssh

I have found this here:
E.g. if I have multiple machines, I'd need to duplicate private keys, which I think is undesirable.
No, actually you don't. If you have multiple machines, you just create a separate private key on each one. For each private key, just upload the corresponding public key to GitHub using the same process.
Also, if my HDD go kaput, I'll lose my private key, which (I guess) is undesirable as well.
Not really; if you lose your private key, just generate a new one and upload the corresponding public key.

For what it's worth, you're right that duplicating a private key is highly undesirable. Ideally, a private key should be generated in one file (~/.ssh/id_rsa for example) and should never leave that file - that is, it should never be copied, moved, and especially not transferred over a network. (e.g. I exclude them from backups) Because of the nature of asymmetric authentication protocols, you only need to worry about keeping your private key out of the hands of others. If you go a bit overboard and you lose track of it yourself, it's generally not a big deal. (This is not to be confused with asymmetric encryption private keys, e.g. GPG keys, which you probably want to hold on to.)


I am still confused confused. Want to make sure I do everything right so I dont get locked out of my own server.

What would happen if I make a clean install of Fedora lets say, generate a new ssh key and try to link it to the server? Would it work, would I be able to connect to it as a root or it would tell me that some Ubuntu computer has already done that, he has the original id_rsa key and you, Fedora laptop, can not access this server?

If that would be the case, could I put the id_rsa key on a flashdrive(before the fedora install) and then paste it in ~/.ssh/i on a Fedora distribution and then try to log in to the server, would it recognize and accept me then?

Thank you for your patience :)
 

Alexzee

Well-Known Member
Credits
6,602
CentOS 7 support ends in June of 2024 so you might not want to choose that as your server class distro.


Have a look at Open Suse or Red Hat.
With Red Hat you will have a subscription cost though.
Oh, and you can have a look at Rocky Linux too.
Good Luck.
 

f33dm3bits

Gold Member
Gold Supporter
Credits
15,054
1. What would happen if I make a clean install of Fedora lets say, generate a new ssh key and try to link it to the server? Would it work, would I be able to connect to it as a root or it would tell me that some Ubuntu computer has already done that, he has the original id_rsa key and you, Fedora laptop, can not access this server?

2. If that would be the case, could I put the id_rsa key on a flashdrive(before the fedora install) and then paste it in ~/.ssh/i on a Fedora distribution and then try to log in to the server, would it recognize and accept me then?

Thank you for your patience :)
1. You would lock yourself out of your self out of the server and not be able to connect though ssh because your old publickey only being authorized, you would then have to login through console access to regain access.

2. That what I already told you to do in my first post, that way once you have your desktop system reinstalled, you replace your ~/.ssh/ directory, set the correct permissions and then you should be able to get connect to your remote sever through ssh as before.
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Staff online

Members online


Top