What can I do if someone tampers with my SSH public key?Why is a remote server asking me to generate...

How to chmod files that have a specific set of permissions

How to concatenate two command in shell

PTIJ: Mordechai mourning

Faulty RAID1 disk now shows as foreign

Adding thousand separator to various number types

Should I use HTTPS on a domain that will only be used for redirection?

Can a Tiny Servant be used as a messenger?

How does insurance birth control work in the United States?

Can an earth elemental drown/bury its opponent underground using earth glide?

Was it really inappropriate to write a pull request for the company I interviewed with?

Why did the Cray-1 have 8 parity bits per word?

Are there other characters in the Star Wars universe who had damaged bodies and needed to wear an outfit like Darth Vader?

Is there a math equivalent to the conditional ternary operator?

An Undercover Army

In the world of The Matrix, what is "popping"?

Effect of "wrong" driver with slightly long RS-485 stubs

Where is the fallacy here?

Being asked to review a paper in conference one has submitted to

Meshing the cow

Create chunks from an array

Did Amazon pay $0 in taxes last year?

If nine coins are tossed, what is the probability that the number of heads is even?

Number of folds to form a cube, using a square paper?

Practical reasons to have both a large police force and bounty hunting network?



What can I do if someone tampers with my SSH public key?


Why is a remote server asking me to generate public/private SSH keys?How does SSH encryption work?Install public key via ssh-copy-id for other usersLogin with SSH public key doesn't workCan't ssh in with public keyWhat exactly happens when you use SSH without generating a key pair?What stops anybody from copying their ssh public key onto my server?Missing begin marker error with public key ssh loginpscp between local (Windows) and remote (Linux) with private keySSH “refused key” only with public IP, works locally













7















I understand private keys being compromised is a huge risk; however, what about public keys. What if they are tampered with?



If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefore, affecting availability on my end?










share|improve this question




















  • 5





    Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.

    – Ramhound
    15 hours ago
















7















I understand private keys being compromised is a huge risk; however, what about public keys. What if they are tampered with?



If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefore, affecting availability on my end?










share|improve this question




















  • 5





    Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.

    – Ramhound
    15 hours ago














7












7








7


1






I understand private keys being compromised is a huge risk; however, what about public keys. What if they are tampered with?



If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefore, affecting availability on my end?










share|improve this question
















I understand private keys being compromised is a huge risk; however, what about public keys. What if they are tampered with?



If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefore, affecting availability on my end?







linux encryption






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 58 mins ago









JakeGould

31.7k1097140




31.7k1097140










asked 16 hours ago









KevKev

363




363








  • 5





    Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.

    – Ramhound
    15 hours ago














  • 5





    Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.

    – Ramhound
    15 hours ago








5




5





Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.

– Ramhound
15 hours ago





Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.

– Ramhound
15 hours ago










3 Answers
3






active

oldest

votes


















13














You can always regenerate a public key as long as you have the private key.



You ask:




If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?




So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?



No worries as long as you have your private key. Just run this command:



ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub


And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub via this method. So you might want to open it up in a text editor and manually add that.



About your other concerns.



Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.



Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.






share|improve this answer

































    8














    The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.



    Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.



    Your original question asked:




    "If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...




    then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.



    You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.



    There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys






    share|improve this answer

































      5














      It sounds like you are asking if someone got into "my" Linux box, modified the .ssh/authorized_keys, which contains the public keys which allow access to the Linux box, and "modify it, wouldn’t that prevent me access to the server; therefor(e), affecting availability on my end?"



      Yes if the public key is changed in the authorized_keys file it won't match your private key, but this is like saying, someone got inside your house, changed your door lock, and now your house key doesn't work anymore.



      How did they get in the first place to make the change?
      Only root and login owner can change their own authorized_keys file, so those would be your suspects.






      share|improve this answer








      New contributor




      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





















      • Good answer. I think the questioner may be confused what it means for a key to be "public". Just because anybody can see your public key doesn't mean anybody can change it.

        – hackerb9
        4 mins ago











      Your Answer








      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "3"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });














      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1411961%2fwhat-can-i-do-if-someone-tampers-with-my-ssh-public-key%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      3 Answers
      3






      active

      oldest

      votes








      3 Answers
      3






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      13














      You can always regenerate a public key as long as you have the private key.



      You ask:




      If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?




      So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?



      No worries as long as you have your private key. Just run this command:



      ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub


      And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub via this method. So you might want to open it up in a text editor and manually add that.



      About your other concerns.



      Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.



      Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.






      share|improve this answer






























        13














        You can always regenerate a public key as long as you have the private key.



        You ask:




        If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?




        So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?



        No worries as long as you have your private key. Just run this command:



        ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub


        And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub via this method. So you might want to open it up in a text editor and manually add that.



        About your other concerns.



        Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.



        Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.






        share|improve this answer




























          13












          13








          13







          You can always regenerate a public key as long as you have the private key.



          You ask:




          If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?




          So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?



          No worries as long as you have your private key. Just run this command:



          ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub


          And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub via this method. So you might want to open it up in a text editor and manually add that.



          About your other concerns.



          Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.



          Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.






          share|improve this answer















          You can always regenerate a public key as long as you have the private key.



          You ask:




          If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?




          So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?



          No worries as long as you have your private key. Just run this command:



          ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub


          And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub via this method. So you might want to open it up in a text editor and manually add that.



          About your other concerns.



          Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.



          Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 15 hours ago

























          answered 16 hours ago









          JakeGouldJakeGould

          31.7k1097140




          31.7k1097140

























              8














              The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.



              Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.



              Your original question asked:




              "If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...




              then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.



              You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.



              There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys






              share|improve this answer






























                8














                The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.



                Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.



                Your original question asked:




                "If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...




                then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.



                You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.



                There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys






                share|improve this answer




























                  8












                  8








                  8







                  The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.



                  Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.



                  Your original question asked:




                  "If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...




                  then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.



                  You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.



                  There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys






                  share|improve this answer















                  The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.



                  Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.



                  Your original question asked:




                  "If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...




                  then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.



                  You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.



                  There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited 16 hours ago









                  JakeGould

                  31.7k1097140




                  31.7k1097140










                  answered 16 hours ago









                  Christopher HostageChristopher Hostage

                  3,6001028




                  3,6001028























                      5














                      It sounds like you are asking if someone got into "my" Linux box, modified the .ssh/authorized_keys, which contains the public keys which allow access to the Linux box, and "modify it, wouldn’t that prevent me access to the server; therefor(e), affecting availability on my end?"



                      Yes if the public key is changed in the authorized_keys file it won't match your private key, but this is like saying, someone got inside your house, changed your door lock, and now your house key doesn't work anymore.



                      How did they get in the first place to make the change?
                      Only root and login owner can change their own authorized_keys file, so those would be your suspects.






                      share|improve this answer








                      New contributor




                      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.





















                      • Good answer. I think the questioner may be confused what it means for a key to be "public". Just because anybody can see your public key doesn't mean anybody can change it.

                        – hackerb9
                        4 mins ago
















                      5














                      It sounds like you are asking if someone got into "my" Linux box, modified the .ssh/authorized_keys, which contains the public keys which allow access to the Linux box, and "modify it, wouldn’t that prevent me access to the server; therefor(e), affecting availability on my end?"



                      Yes if the public key is changed in the authorized_keys file it won't match your private key, but this is like saying, someone got inside your house, changed your door lock, and now your house key doesn't work anymore.



                      How did they get in the first place to make the change?
                      Only root and login owner can change their own authorized_keys file, so those would be your suspects.






                      share|improve this answer








                      New contributor




                      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.





















                      • Good answer. I think the questioner may be confused what it means for a key to be "public". Just because anybody can see your public key doesn't mean anybody can change it.

                        – hackerb9
                        4 mins ago














                      5












                      5








                      5







                      It sounds like you are asking if someone got into "my" Linux box, modified the .ssh/authorized_keys, which contains the public keys which allow access to the Linux box, and "modify it, wouldn’t that prevent me access to the server; therefor(e), affecting availability on my end?"



                      Yes if the public key is changed in the authorized_keys file it won't match your private key, but this is like saying, someone got inside your house, changed your door lock, and now your house key doesn't work anymore.



                      How did they get in the first place to make the change?
                      Only root and login owner can change their own authorized_keys file, so those would be your suspects.






                      share|improve this answer








                      New contributor




                      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.










                      It sounds like you are asking if someone got into "my" Linux box, modified the .ssh/authorized_keys, which contains the public keys which allow access to the Linux box, and "modify it, wouldn’t that prevent me access to the server; therefor(e), affecting availability on my end?"



                      Yes if the public key is changed in the authorized_keys file it won't match your private key, but this is like saying, someone got inside your house, changed your door lock, and now your house key doesn't work anymore.



                      How did they get in the first place to make the change?
                      Only root and login owner can change their own authorized_keys file, so those would be your suspects.







                      share|improve this answer








                      New contributor




                      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.









                      share|improve this answer



                      share|improve this answer






                      New contributor




                      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.









                      answered 9 hours ago









                      MarkTMarkT

                      511




                      511




                      New contributor




                      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.





                      New contributor





                      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.






                      MarkT is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.













                      • Good answer. I think the questioner may be confused what it means for a key to be "public". Just because anybody can see your public key doesn't mean anybody can change it.

                        – hackerb9
                        4 mins ago



















                      • Good answer. I think the questioner may be confused what it means for a key to be "public". Just because anybody can see your public key doesn't mean anybody can change it.

                        – hackerb9
                        4 mins ago

















                      Good answer. I think the questioner may be confused what it means for a key to be "public". Just because anybody can see your public key doesn't mean anybody can change it.

                      – hackerb9
                      4 mins ago





                      Good answer. I think the questioner may be confused what it means for a key to be "public". Just because anybody can see your public key doesn't mean anybody can change it.

                      – hackerb9
                      4 mins ago


















                      draft saved

                      draft discarded




















































                      Thanks for contributing an answer to Super User!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1411961%2fwhat-can-i-do-if-someone-tampers-with-my-ssh-public-key%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      El tren de la libertad Índice Antecedentes "Porque yo decido" Desarrollo de la...

                      Puerta de Hutt Referencias Enlaces externos Menú de navegación15°58′00″S 5°42′00″O /...

                      Castillo d'Acher Características Menú de navegación