82.3 SSH Public Keys Management


It is good practice to utilise multiple public keys for different scenarios. For example, generate a public key for accessing a GitHub repository from multiple servers. Copy the private key to each server that requires access to the GitHub repository. Ensure the private key is passphrase protected, noting that the sysadmins (or anyone with sudo access) on those servers could otherwise compromise your GitHub access.

$ ssh-keygen -f ~/.ssh/id_rsa_github

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/kayon/.ssh/id_rsa_github
Your public key has been saved in /home/kayon/.ssh/id_rsa_github.pub
The key fingerprint is:
SHA256:RwrmBN3Tzh+Zdfkj8jJdhHFFuUhjny73jdJjI7/V7T8 kayon@alpine
The key's randomart image is:
+---[RSA 3072]----+
|        +     .o+|
|       o B   . =o|
|      o * o . o.o|
|      .o + . . o.|
|     . S . o. o o|
|         . . * +o|
|          o +.*.o|
|         . + ==F.|
|          o.*=C*B|

Install the contents of /home/kayon/.ssh/id_rsa_github.pub on GitHub. Add the private key to your local ssh-agent:

$ ssh-add ${HOME}/.ssh/id_rsa_github

Enter passphrase for /home/kayon/.ssh/id_rsa_github: 
Identity added: /home/kayon/.ssh/id_rsa_github (kayon@alpine)

Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0