A Linux administrator needs to configure passwordless SSH access for a new developer to a production web server. After the developer generates a new SSH key pair on their workstation, which of the following represents the most secure and efficient method to deploy the public key?
Edit the /etc/ssh/sshd_config file on the server and add the public key's contents.
Run ssh-copy-id user@server from the developer's workstation.
Copy the contents of the private key into the ~/.ssh/authorized_keys file on the server.
Use scp to copy the public key to the server, then append its contents to the ~/.ssh/authorized_keys file.
The ssh-copy-id user@server command is the standard, most secure, and efficient method for deploying a public key. This utility automatically handles creating the ~/.ssh directory and the authorized_keys file on the remote server if they do not exist, appends the key, and, most importantly, sets the correct restrictive file permissions (e.g., 700 for the directory, 600 for the file). While using scp to copy the key followed by appending it is a functional manual method, it is more error-prone as it does not automatically enforce correct permissions, which can lead to security vulnerabilities or authentication failures. Transferring the private key is a severe security violation. Editing /etc/ssh/sshd_config is incorrect for adding a user's public key.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the ssh-copy-id command, and why is it preferred?
Open an interactive chat with Bash
Why should the private key never be transferred to the server?
Open an interactive chat with Bash
What happens if permissions on the authorized_keys file are incorrect?