voipmeister.com voip stuff matters and more

Use ssh keys with your Ubiquiti user

To secure your Ubiquiti user account, you can add your ssh key to the account.

Assuming your on Linux or macOS, these are the steps (make sure you use the IP address of your EdgeRouter):

On your system

cd ~/.ssh
scp ~/.ssh/id_rsa.pub 192.168.1.1:/tmp  

On your EdgeRouter

configure
loadkey admin /home/admin/id_rsa.pub
commit
save
exit

Unfortunately, this gave me:

Not a valid key file format (see man sshd) at /opt/vyatta/sbin/vyatta-load-user-key.pl line 96, <$in> line 1.

The solution is to take the key part out of your id_rsa.pub file en specify the key and the key type both in the configuration tree.

configure
set system login user admin authentication public-keys user@host key ***KEY-BODY-HERE***
set system login user admin authentication public-keys user@host type ssh-rsa
set service ssh disable-password-authentication
commit
save
exit