Quote:
Originally Posted by ckeeper
Anyway with "without-password" the guy need to have access to your machine first to generate a key to put it on his machine to after that login. Even with this option you can't log with the root password directly.
|
You don't have to generate keys on the system you will be accessing using that key. You can generate keys on any system, even Windows using puttygen. You don't need SSH access to the system in order to put the key in place, either. You just need to be able to write to ~/.ssh/authorized_keys. Which is why .ssh/ should have permissions set to 700, so that if someone hacks the web server, gets shell access, etc, they still won't be able to write to that directory without having root access.