1

Can you correct me on this. I create a keypair on my PC. Copy the public key (append to authorized_keys) on the server. Disable password auth on the server, and SSH to server from my PC. I have the public and private keys on my PC.

Do I need the public key anymore on my PC to connect?

If someone gets the public key off the server, can they login or no cause they don't have the private key?

JW2014
  • 191
  • 1
  • 4

1 Answers1

6

Do I need the public key anymore on my PC to connect?

No, all you need is the private key.

If someone gets the public key off the server, can they login or no cause they don't have the private key?

They can't login since well..... they got the public key. By definition, a public key is public. If people can login with the public key that would render it quite useless hmm?

  • 6
    Note that the public key can always be recomputed from the private key (but not the other way round, of course). Therefore, as long as you have the private key, you also have the public key -- potentially. – Thomas Pornin Sep 24 '13 at 01:03
  • @ThomasPornin ...though if you have to ask if you need the public key then presumably you wouldn't know how to recompute it.. – tylerl Sep 24 '13 at 08:26
  • @tylerl: for the record: `ssh-keygen -y` – user1686 Sep 24 '13 at 16:13