Our system does not access your site's filesystem until after you have authenticated yourself. Also, correct authentication depends on both member name and site (since more than one member name may have permission to access a given site and a given member name may be able to access more than one site). Therefore, you cannot place a public key file in your site's filesystem to bypass password authentication.
Instead, we keep a separate keychain for ssh keys for each member outside the filesystem. If you have a public key you wish to use to authenticate your ssh connection in lieu of your password, you can set that up on the profile tab.
Per current best security practices, here are the key types we support:
- RSA keys of 2048+ bits (4096+ recommended) not on the Debian weak key blacklist are supported.
- ECDSA keys of 256 and 521 bits (521 recommended) are supported. (Recommended for low-power mobile devices due to speed.)
- Ed25519 keys are supported.
DSA/DSS ("ssh-dss") keys are not supported. This is a US government FIPS standard developed by the NSA and intended only for low-security usage. (Read: they are probably not secure.)
Once installed into your membership's keychain, an ssh key may be used to authenticate access to any site you are authorized to access, including all of your own sites and any sites you may have adjunct access to.