I am to get access to a remote SFTP server. The admin has created a user for me, and generated a public/private key pair for me. Then he securely sent me the private key file, which I use for authentication. I believe this is not good, I should be the one to generate the key pair, and give the public key to him. But I'm not able to think of any good reason why this is bad, if I use this key only to log into that server, no other servers. Are there any such reasons?
I'm about to implement my own Certification Authority (CA) for interal use only.
Now there is a problem, that the CA private should never ever be exploited. So right now the private key is encrypted.
What else could be done to enhance the security of the private key?
My Git setup runs fine on Linux, but when I try to set things up under Windows (using Git for Windows and TortoiseGit), I don't know where to put my private SSH key (or, better still, how to tell ssh where it's located). I'm using the standard ssh.exe option during installation of Git for Windows. The setup runs fine if I allow password authentication (in lieu of RSA) on the server.
Like most sysadmins I use openssh all the time. I have about a dozen ssh keys, I like to have a different ssh key for each host. However this causes a problem when I am connecting to a host for the first time, and all I have is a password. I want to just connect to the host using a password, no ssh key in this case. However the ssh client will offer all the public keys in my ~/.ssh/ (I know this from looking at the output of ssh -v). Since I have so many, I will get disconnected for too many authentication failures.
Is there some way to tell my ssh client to not offer all the ssh keys?
Let's suppose I have a SSH key, but I've deleted the public key part. I have the private key part. Is there some way I can regenerate the public key part?