What can I do if someone tampers with my SSH public key?

linux encryption

You can always regenerate a public key as long as you have the private key.

You ask:

If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?

So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?

No worries as long as you have your private key. Just run this command:

ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub

And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub via this method. So you might want to open it up in a text editor and manually add that.

About your other concerns.

Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.

Typically, someone would need to be able to gain access to root—or an account that has password-less sudo privileges or access to your own account on that machine—to do that. And that is not unheard of but a rare occurrence at best.


It sounds like you are asking if someone got into "my" Linux box, modified the .ssh/authorized_keys, which contains the public keys which allow access to the Linux box, and "modify it, wouldn’t that prevent me access to the server; therefor(e), affecting availability on my end?"

Yes if the public key is changed in the authorized_keys file it won't match your private key, but this is like saying, someone got inside your house, changed your door lock, and now your house key doesn't work anymore.

How did they get in the first place to make the change? Only root and login owner can change their own authorized_keys file, so those would be your suspects.

Related

Limit Excel CPU Usage
Calling a JavaScript function named in a variable [duplicate]
How do I decrypt a password-protected PDF on OSX?
How to POST file contents using cURL?
How many physical CPUs does my machine have?
Locked folder with obscure app from SourceForge - now I cannot unlock the folder
Multi-project test dependencies with gradle
Getting row of UITableView cell on button press
How do I add text to an image in iOS Swift?
"wait_fences: failed to receive reply: 10004003"?
How do I inject a controller into another controller in AngularJS
Using FileSystemWatcher to monitor a directory