[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh clarification needed



Todd Zullinger wrote:
Kevin Kofler wrote:
* authentication keys - those are what you use to log in instead of
a password. They're one per user and machine unless you explicitly
copy the private key to a different machine or user account
(something you normally shouldn't do

I presume you mean only the latter part (copying the private key to
another user account) is something that you shouldn't do?

There is no "the" private key, you can create as many public/private pairs as you find useful. You can also have any number of keys in authorized keys, each of which is associated with a single command rather than a shell. This allows many systems which have copies of a given private key to execute a single command on a remote system over an encrypted link. The uses for this are limited only by your imagination.

I share the same ssh private key between my desktop server and my
laptop (both as the same user).  I don't see much reason to have two
separate keys for that.

Maybe. On the other hand, you could have a unique key for each, and use a shared private key via the "-i" option to perform normal operations, while preserving the ability to have distinct keys for connection to some other systems.

It depends on what you find useful.

--
Bill Davidsen <davidsen tmr com>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]