Transfer public-keys to server by SFTP

I’m new to Linux servers and following through Post Installation Tasks, which is beyond me.

I accidentally created different types of SSH keys and they are in the same folder.
id_ed25519 id_ed25519.pub id_rsa id_rsa.pub

When I try to transfer and install the Public Key onto the Server using sftp, it shows a warning message ‘a key exists…someone is eavesdropping’.

Can anyone step through the following with a bit of explanation of these Fedora Docs and let me know what I have missed/mistaken?

[…]# sftp hostmin@example.com
sftp> put ~/.ssh/<outputkeyfile>.pub
sftp> quit

Thanks.

If already have ssh access to the remote host, I will use ssh-copy-id to add my local ssh key to the remote host.

In Cockpit, there is SSH keys menu where it shows ‘Add key’.
Would it work like copy-id?

5b0a92ea659fec189098ccca2fb5def006a6f4f8.png

1 Like

Yes. It will work also.

It seems that the Cockpit is looking for a private key, and the public key needs to be transferred either using copy-id or sftp as advised by the Fedora docs.

Warming message below;
Not a valid private key.

Do I need to configure Open SSH files under section 4 of the Fedora docs - Disable System Users Password Login?

https://docs.fedoraproject.org/en-US/fedora-server/sysadmin-postinstall/#_4_disable_system_users_password_login

Hope that I’m not wrong: The public key should not be transferred to the remote .ssh folder, but the contents should be appended to ~/.ssh/authorized_hosts. That’s what ssh-copy-id does. Of course, you can sftp the public key to whatever location on the remote, as long it is not in ~/.ssh, and do the append or edit there.
Password login can be disabled on the remote host in the sshd config file, but be sure not to lock out yourself and check that public key login works before!!!

2 Likes

Thanks for that and helping avoid the worst-case :slight_smile:
I think I attempted network config with no foundation.

I’ll research a bit, run through a few steps. After trials & errors, when successful, I’ll share the results here.

Tested and worked, thanks @hmmsjan1 @sampsonf
I followed key generation in here. https://discussion.fedoraproject.org/t/set-up-root-login-via-key-file/73779/12?u=hankuoffroad

Then I did.
$ ssh-copy-id <login>@<hostname>

[Result]
Number of key(s) added: 2

Check in the local workstation if everything works - logged in to the remote host without a password.

$ ssh <login>@<hostname>

2 Likes