Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Hmmm interesting - do you recommend I use the same key for github, my personal server, some work servers, etc?


Yes, but use an RSA key.

It doesn't really matter how many you have, you still need to protect them. Encrypt your laptop, lock your screen when you get up for a break, etc, etc.


Personally, I use one key pair per source user/device pair and then comment in the authorized keys where each public key is from. To me, it is more likely that a user/machine pair will be compromised than a key. This makes cutting a compromised box or account off easy. :-)


Why not?


Personally, I like to have different keys that I treat with different levels of care/paranoia. I'm not particularly worried about leaving my github key 'added' to my ssh agent 24/7, but I don't do that with my work production key.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: