An administrator needs to enable a fellow technician to access a remote Linux server for system management. Which of the following configurations will BEST ensure that the technician can connect securely without password authentication?
Instruct the technician to use ssh-add followed by the server's IP to access the server.
Modify the ~/.ssh/config file on the technician's machine to include the server's information.
Use ssh-keygen to create a key pair and ssh-copy-id to copy the public key to the server.
Provide the technician with the server password to use with SSH.
Generating an SSH key pair with ssh-keygen and then using ssh-copy-id to append the technician's public key to the server's ~/.ssh/authorized_keys file enables public-key authentication. The private key remains on the technician's workstation, and the SSH daemon grants access only after the technician proves possession of that key, eliminating the need to transmit or store a password on the server. Simply providing the server password continues to rely on weaker, brute-force-susceptible password authentication. Running ssh-add alone merely loads an existing private key into the local ssh-agent and does not install the key on the server. Editing ~/.ssh/config can set host aliases or specify an identity file, but it still requires the public key to be present in authorized_keys to permit passwordless login. Therefore, deploying the key pair with ssh-copy-id is the most secure and complete solution for password-free access.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is `ssh-keygen`, and why is it important?
Open an interactive chat with Bash
What does `ssh-copy-id` do, and how is it used?
Open an interactive chat with Bash
Why is SSH key-based authentication considered more secure than password-based authentication?