SSH Keys - unauthorized access

Thanks to Jay’s videos, I started to use SSH keys to access my linux VMs/Servers.
One thing however got my attention when adding a public SSH key to a server:

Imagine someone finds out what is my username and password. My server doesn’t allow root ssh login and doesn’t allow password login, SSH key login only.
I might be missing something here but if that person who figured out my username and password uploads his/hers public key to my server (ssh-copy-id [user]@myDomain.com), then they will get access to my server. Is there a way to configure my server not to add new public keys?

Thanks

You can only use ssh-copy-id if you have ssh access to the server.

1 Like

I know I was missing something :slight_smile:
Thanks a lot!