Introduction

Administering large numbers of SSH keys and servers can be very difficult as your organization grows. Correctly identifying valid keys and removing invalid keys throughout an organization can be fraught with errors and have huge consequences on your server security.

In addition, when there are server changes, sometimes your users will receive warnings about being unable to establish the authenticity of your server. Most users will not double-check the key fingerprint of the server before connecting, allowing someone to potentially spoof the server and execute a man-in-the-middle attack.

A project called monkeysphere was created to address these issues. It does this by leveraging GPG keys and the web of trust model to both validate a server’s credentials, and provide easy user management.

In this guide, we will discuss how to set up monkeysphere in order to validate your server to users. This will solve the problem of users having to guess whether the server they are connecting to is actually the one they’re attempting to access. Usually, when you connect to a server for the first time, you will see something that looks like this: Continue reading How To Validate SSH Server Identities with Monkeysphere on an Ubuntu VPS →