Adding SSH keys to EdgeOS-based devices like Ubiquiti Edge Router X

Add this to your local .ssh config to make your life easier:

Host erx
  HostName YOUR_EDGE_ROUTER_X_IP
  User YOUR_ERX_ADMIN_USERNAME

Now let's add your ssh public key:

> cat ~/.ssh/id_*pub
ssh-ed25519 PURRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR kitten
# Pick your fave key
> ssh erx
Enter password: # for the very last time!
foobie@ubnt:~$ configure
[edit]
foobie@ubnt# set system login user foobie authentication public-keys kitten type ssh-ed25519
[edit]
foobie@ubnt# set system login user foobie authentication public-keys kitten key PURRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR
[edit]
foobie@ubnt# commit
[edit]
foobie@ubnt# save
Saving configuration to '/config/config.boot'...
Done
[edit]
foobie@ubnt# cat .ssh/authorized_keys
# Automatically generated by Vyatta configuration
# Do not edit, all changes will be lost
ssh-ed25519 PURRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR kitten
[edit]
foobie@ubnt# exit
exit
foobie@ubnt:~$ exit
logout
> ssh erx
foobie@ubnt:~$ # SUCCESS!

1. 設定純文字密碼：

   set system login user foobie authentication plaintext-password "你的密碼"

• 進階建議：若想完全停用密碼登入

set service ssh disable-password-authentication
commit
save

Cribbed from the VyOS ssh docs.

Note: you should be sure you have a backup of the config with password auth enabled before doing this, else it's a full factory reset if you lose all the keys that let you log in.

> ssh erx
# No password to type ... feels so good!
foobie@ubnt:~$ configure
[edit]
foobie@ubnt# show service ssh
 port 22
 protocol-version v2
[edit]
foobie@ubnt# set service ssh disable-password-authentication
[edit]
admin@ubnt# show service ssh
 disable-password-authentication
 port 22
 protocol-version v2
[edit]
foobie@ubnt# commit
[edit]
foobie@ubnt# save
Saving configuration to '/config/config.boot'...
Done
[edit]
foobie@ubnt# exit
exit
foobie@ubnt:~$ exit
logout