this post was submitted on 15 Jun 2026

10 points (77.8% liked)

No Stupid Questions

48507 readers

1057 users here now

No such thing. Ask away!

!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)

Rule 1- All posts must be legitimate questions. All post titles must include a question.

All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.

Rule 2- Your question subject cannot be illegal or NSFW material.

Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.

Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.

Rule 4- No self promotion or upvote-farming of any kind.

That's it.

Rule 5- No baiting or sealioning or promoting an agenda.

Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.

Rule 6- Regarding META posts and joke questions.

Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.

On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.

If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.

Rule 7- You can't intentionally annoy, mock, or harass other members.

If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.

Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.

Rule 8- All comments should try to stay relevant to their parent content.

Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.

Rule 10- Majority of bots aren't allowed to participate here. This includes using AI responses and summaries.

Credits

Our breathtaking icon was bestowed upon us by @Cevilia!

The greatest banner of all time: by @TheOneWithTheHair!

founded 3 years ago

MODERATORS

technopagan@lemmy.world

How is an SSH key useful ? (retrofed.com)

submitted 17 hours ago by LoveEspresso@retrofed.com to c/nostupidquestions@lemmy.world

10 comments fedilink hide all child comments

top 10 comments

sorted by: hot top controversial new old

[–] cecilkorik@piefed.ca 5 points 8 hours ago

It's both far more convenient and far more secure. There's basically no downside.

Passwords are an obsolete technology that we keep widely using because they're familiar and comfortable and then we try to bandaid-fix their issues with MFA which almost everyone finds intensely aggravating (and rightly so). Passwords are an awful choice from a security point of view.

SSH was well ahead of the curve on allowing and adopting passkeys, but you will notice an upcoming push towards passkeys for everything, because the rest of the tech oligarchy has finally discovered that, like with MFA, they can use it as a way to capture your entire online identity within your phone which they own and control (even though you paid for it) and then use this as a lever to maintain their control of you, your phone, and your online identities. Enjoy your age verification journey!

SSH keys are not locked to your phone and don't have any big-tech strings attached, they are free and open and can be stored on any device, including ones you actually own and control, as it should be. SSH keys are the real deal.

[–] cyberpunk007@lemmy.ca 2 points 9 hours ago

In addition to what others have said, you can also use it for MFA. For example, SSH to a server, force checks keys then enter password.

[–] floquant@lemmy.dbzer0.com 17 points 15 hours ago

More secure and more convenient than passwords. If you are exposing SSH to the internet, you really shouldn't have password authentication enabled

[–] scytale@piefed.zip 6 points 13 hours ago

It’s something you have instead of something that can be guessed. The window gets a bit smaller if someone has to actually be in possession of a file instead of just being able to guess or bruteforce a password.

[–] trxxruraxvr@lemmy.world 17 points 16 hours ago (1 children)

They are much harder to guess than most passwords that people use, to te point of being unfeasible to brute-force. This makes them a much more secure option than passwords.

[–] T156@lemmy.world 7 points 15 hours ago* (last edited 15 hours ago) (1 children)

It's also a lot easier to use. You don't need to type a password, since it basically exists as a file.

[–] trxxruraxvr@lemmy.world 1 points 8 hours ago

All my ssh keys are password protected, so I personally dont have a difference there. I would recommend doing that as a protection against supply chain attacks that steal keys.

[–] webghost0101@sopuli.xyz 2 points 11 hours ago* (last edited 11 hours ago) (1 children)

I actually looked this up earlier today because i didn’t understand part of it.

An ssh key is, as i understand it, a way to encrypt the connection so only a device that has they key can unlock it.

There are 2 parts, a private key which should never be shared and a public one which can freely be shared.

You usually generate both keys on the device that connects to the ssh, keep the private key on there with the public key going on the server. Thats the part that confused me. (Why is the secret one not on the server i don't want people to access)

But the way it works is that the public key is used to encrypt/lock something.And only the private key can unlock it.

Any other device that tries to connect just gets an encrypted connection they don’t have the key for. Because these keys are so long no current day tool can guess or crack them. So it is the absolute safest way to establish an ssh connection.

Quantum computers might in the future be able to break them but solutions for this are being worked on.

There are also some systems where you have 2 key pairs where the server also has a private key, to authenticate both ways.

[–] Dran_Arcana@lemmy.world 3 points 10 hours ago

ssh keypairs secure from the point of authority. In the case of you logging into your account, the server's job is to ask a question that only you can answer.

In the case of a password, the remote server doesn't store your password either, it stores a derivative hash that can, in theory, only be generated using complex math + your password as an input. You are the only one that stores your actual password.

In the case of an ssh keypairs, it works very similarly. The public key allows the server to cryptographically ask a question that only the private key can generate an answer to correctly.

It is fundamentally the same secret exchange handshake as a password just with a few extra steps to make things more secure during automation. A password can be weak and guessable, an ssh key cannot (at least not any more than other keys of the same algorithm can).

[–] mhzawadi@lemmy.horwood.cloud 7 points 16 hours ago

That depends on what your doing

For connecting to a server it can be the only way in