Coding - cross machine security

Found a useful article for this on SUSE documentation now to pick it to bits and produce a version for my local use. First problem is the key selection is now deprecated anyway.

One thing I did forget was enabling ssh login to the root account. Yes I know it's a 'security risk', but it really is easier when one is running servers where most of he actions require sudo level passwords, so lets just skip to the chase.

sudo nano /etc/ssh/sshd_config
PermitRootLogin yes
ctrl-O ctrl-X to save
sudo systemctl restart sshd

Then I can at least log out and in again as root. Next step to make both accounts auto-login

ssh-keygen -t ed25519 -N '' -f ~/.ssh/id_ed25519

But what I missed previously was that I only need the one key per machine! So having created a more modern ed25519 key, all I need to do is copy it to the other account and then tell both accounts on the other two machines ...

ssh-copy-id root@srv10
ssh-copy-id lester@srv10
ssh-copy-id root@desktop
ssh-copy-id lester@desktop

Thuis just left the problemI'd originally started with which was the old leap distro whould not connect via sftp. The same problem happened here but the fix actually worked by adding Subsystem sftp /usr/lib/ssh/sftp-server to the sshd_config file created above. I think it also needs a manual connection via the command line just to complete the final key copy with 'sftp root@desktop' and then 'sftp lester@desktop' just worked as well.

I do think I need to verify just what key is now being used where but at least all paths do seem to be working and I can get back to sorting the media server files once I sort a copy of the metadata from the old server's disk.