So this is not a very specific question, but how do people reuse their SSH keys? I mean, I wanted to set up a GitHub account. I also have a key pair for logging into a machine at home remotely. Now, maybe I did not massage my Google search terms correctly, but is it considered poor form to use the same key pair for the convenience factor? I know security people will probably yell "HELL NO" at me, but how do you sysadmins handle this in practice?
Two key questions to ask yourself:
How secure is your private key?
How critical are the systems you're logging in to?
The first question is the most important: If your private key is safe -- e.g. stored only on one secure machine where nobody has physical access but you, with a paranoid firewall between it and the internet whenever it's connected -- you can reuse your key.
(If your private key is not safe you have bigger problems to deal with.)
The second question relates to "do you want to reuse a key" -- I personally have 3 SSH keys:
If any one of these keys gets compromised the amount of damage is limited (as is the amount of re-keying required: I only have to change authorized_keys lists on systems affected by the compromised key; for example, if my personal key somehow gets compromised I don't have to worry about work machines being broken into).

In practice the keys are only as secure as the machine/media holding the private half (my work private key is on an encrypted USB stick -- if I need it I have to mount that device first, while my personal and "Services" keys are both in ~/.ssh on my laptop -- a compromise of my work systems would be more devastating than someone deleting all my personal email...).

As configuring and managing several keys using ~/.ssh/config is easy and straightforward, I always create new keys, always with a password, for different connections or hosts, as long as these are external hosts.
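The per-purpose key layout described above, written out as an ~/.ssh/config; this is an added example, not the answerer's own file, and the hostnames, usernames and key file names are placeholders. IdentitiesOnly keeps the client from offering every key it holds to every host, so a compromised or curious server only ever sees the one key meant for it.

```ssh_config
# ~/.ssh/config -- one key per purpose, so a leak of one key only
# requires re-keying the authorized_keys lists that key was ever in.
#
# Keys are created with a passphrase, one per purpose (placeholder names):
#   ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_personal -C "personal"
#   ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519_services -C "services"
#   ssh-keygen -t ed25519 -f /media/secure-usb/id_ed25519_work -C "work"

# Personal key: the machine at home, reached remotely
Host home
    HostName home.example.org          # placeholder hostname
    User alice                         # placeholder user
    IdentityFile ~/.ssh/id_ed25519_personal
    IdentitiesOnly yes

# "Services" key: code hosting only; GitHub never sees the other keys
Host github.com
    User git
    IdentityFile ~/.ssh/id_ed25519_services
    IdentitiesOnly yes

# Work key lives on an encrypted USB stick that is mounted on demand,
# and is not cached in the agent once the stick is unmounted
Host *.corp.example                    # placeholder work domain
    IdentityFile /media/secure-usb/id_ed25519_work
    IdentitiesOnly yes
    AddKeysToAgent no

# Everything else: never fall back to trying every key in ~/.ssh
Host *
    IdentitiesOnly yes

# Check which key would actually be offered to a host before connecting:
#   ssh -G github.com | grep -i '^identityfile'
```

`ssh -G` prints the effective configuration for a host without connecting, which is the quickest way to confirm a wildcard stanza is not silently offering the wrong key.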