07-02-2018, 06:08 AM
@deanhills
Of course you can. It will take longer to generate the key pair and due to the high encryption level operations over SSH can take a bit longer in certain situations (really depends on network speed, hardware on both sides, load and other factors). I used to have a VPS with a poor old Intel Core 2 Duo CPU and there a 8192 bit key had impact even on the initial connection and key exchange time due to the CPU of the server needing more time for decryption/encryption of information/traffic. Modern hardware should be no porblem for this though.
That's my point. You need the whole key. You may NOT omit anything of it or there might be the issue that you cannot login due to the key not being recognized.
My tip: Before disconnecting the old session that was initiated with password login make sure the key is recognized and login with the key is working. So you will always have a working session open to fix issues. Of course with OpenVZ you can also use the emergency console to fix the issues. On KVM you probably have a noVNC console for emergency access that connects directly to the server like it would be a local server.
Quote:can I put in 8192 bits in that empty box at the bottom when I generate a key?
Of course you can. It will take longer to generate the key pair and due to the high encryption level operations over SSH can take a bit longer in certain situations (really depends on network speed, hardware on both sides, load and other factors). I used to have a VPS with a poor old Intel Core 2 Duo CPU and there a 8192 bit key had impact even on the initial connection and key exchange time due to the CPU of the server needing more time for decryption/encryption of information/traffic. Modern hardware should be no porblem for this though.
Quote:What I found interesting too is that there is a tiny portion of the public key right at the beginning of the key - ssh-rsa - that one copies and pastes to one's VPS that isn't really part of the actual key. More like a heading? I had to think whether to include it for a few seconds until I understood that I had to include absolutely everything that was in the Public Key field for pasting to the VPS.
That's my point. You need the whole key. You may NOT omit anything of it or there might be the issue that you cannot login due to the key not being recognized.
My tip: Before disconnecting the old session that was initiated with password login make sure the key is recognized and login with the key is working. So you will always have a working session open to fix issues. Of course with OpenVZ you can also use the emergency console to fix the issues. On KVM you probably have a noVNC console for emergency access that connects directly to the server like it would be a local server.