Tutorial Series

How To Use Monkeysphere to Validate SSH Servers and Clients

By Justin Ellingwood
Developer and author at DigitalOcean.

Introduction

SSH is an excellent way of securely connecting to remote hosts. However, it is not easy to validate the identity of the server you are attempting to connect to. Additionally, it can be hard to keep track of which users are authorized to use a busy infrastructure, especially as keys change. Monkeysphere is a project meant to address these issues by leveraging GPG keys and the web of trust model. Using this system, we can safely make SSH connections.

Series Tutorials

Tutorial

When connecting to an SSH server for the first time, or if there have been changes on the host, a message is shown warning that the remote host’s identity cannot be verified. In this guide, we’ll use a system called Monkeysphere, which uses GPG’s web of trust model to validate the identity of servers to users.

Tutorial

The authorized_keys file on an SSH server can become difficult to manage as keys change and the number of entries grows. It can be hard to know which credentials are valid and which actual person each key is associated with. The Monkeysphere system allows you to configure authentication to an SSH server in plain English by utilizing GPG keys. This leads to a more manageable system and allows you to create policies for users, not keys.
