Creating and managing keys for passwordless logins

SSH is a great set of tools for communications with remote servers. You can use the SSH component to remotely log into the command line of a remote machine, and you can use either scp or sftp to securely transfer files. The default way to use any of these SSH components is to use the username and password of a person's normal Linux user account. So, logging into a remote machine from the Terminal of my OpenSUSE workstation would look something like this:

donnie@linux-0ro8:~> ssh [email protected]
[email protected]'s password:

While it's true that the username and password go across the network in an encrypted format, making it hard for malicious actors to intercept, it's still not the most secure way of doing business. The problem is that attackers have access to automated tools that can perform brute-force password attacks against an SSH server. Botnets, such as the Hail Mary Cloud, perform continuous scans across the internet to find internet-facing servers with SSH enabled.

If a botnet finds that the servers allow SSH access via username and password, it will launch a brute-force password attack. Sadly, such attacks have been successful quite a few times, especially when the server operators allow the root user to log in via SSH. 

This older article provides more details about the Hail Mary Cloud botnet: http://futurismic.com/2009/11/16/the-hail-mary-cloud-slow-but-steady-brute-force-password-guessing-botnet/.

In the next section, we'll look at two ways to help prevent these types of attacks:

  • Enabling SSH logins through an exchange of public keys
  • Disabling the root user login through SSH
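
To see whether a server is still open to the password-guessing attacks described above, you can read the two relevant settings out of its sshd_config. The script below is an added example, not code from the original text; the function names sshd_setting and audit_sshd are hypothetical, and the fallback values it assumes (PasswordAuthentication yes, PermitRootLogin prohibit-password) are the built-in defaults of current OpenSSH.

```sh
# Added example. Simplifications (assumptions): Include files are not followed
# and parsing stops at the first Match block, so only global settings are read.
# Print the effective value of one keyword. sshd keeps the FIRST value it
# reads for a keyword, and keyword names are case-insensitive.
sshd_setting() {  # usage: sshd_setting <file> <keyword> <built-in default>
    awk -v want="$2" -v def="$3" '
        BEGIN { want = tolower(want); val = def }
        { sub(/#.*/, ""); sub(/^[ \t]+/, "") }    # drop comments and indent
        $0 == "" { next }
        {
            line = $0
            gsub(/=/, " ", line)                   # "Keyword=value" form
            n = split(line, f, /[ \t]+/)
            if (tolower(f[1]) == "match") exit     # end of global section
            if (tolower(f[1]) == want && n >= 2) { val = f[2]; exit }
        }
        END { print tolower(val) }
    ' "$1"
}

# Report the two settings this section is about; return 1 if either is weak.
audit_sshd() {
    rc=0
    pw=$(sshd_setting "$1" PasswordAuthentication yes)
    root=$(sshd_setting "$1" PermitRootLogin prohibit-password)
    if [ "$pw" = no ]; then
        echo "OK   PasswordAuthentication=$pw"
    else
        echo "WEAK PasswordAuthentication=$pw (password guessing is possible)"
        rc=1
    fi
    if [ "$root" = no ]; then
        echo "OK   PermitRootLogin=$root"
    else
        echo "WEAK PermitRootLogin=$root (root can still log in over SSH)"
        rc=1
    fi
    return $rc
}

# Demo on a constructed sample config (not taken from a real server).
sample=$(mktemp)
cat > "$sample" <<'EOF'
PermitRootLogin yes
permitrootlogin no        # ignored: the first value wins
PasswordAuthentication no
EOF
audit_sshd "$sample" || true
rm -f "$sample"
```

On a real server, point it at the live file with audit_sshd /etc/ssh/sshd_config. Running sshd -T as root prints the configuration the daemon actually resolves, including Include files and Match blocks.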

Now, let's create some keys.
