If using RSA Keys for ssh login. can I leave permitrootlogin=yes in my sshdconfig file or there any security advantage turning it to off if using keys anyway?
You really shouldn’t be using RSA keys anymore. Use ed25519 keys instead for better security.
I generally prefer to leave root login disabled, but if you are going to allow it, do not set it to yes. Use the default of prohibit-password or, even better, forced-commands-only, if you can.
I normally leave it set to off. I need to scp the backup files but the permissions are root on the folder permissions. so was having issues copying backup files from the server. I’ll take on board not using RSA Keys anymore. Thanks for your reply.
1 Like