Thanks to Jay’s videos, I started to use SSH keys to access my linux VMs/Servers.
One thing however got my attention when adding a public SSH key to a server:
Imagine someone finds out what is my username and password. My server doesn’t allow root ssh login and doesn’t allow password login, SSH key login only.
I might be missing something here but if that person who figured out my username and password uploads his/hers public key to my server (ssh-copy-id [user]@myDomain.com), then they will get access to my server. Is there a way to configure my server not to add new public keys?
Thanks
