That is a really good question, Jack! I added this because sometimes I don't have my key available. For example on my mobile phone. Then I either tell the one who needs it that she/he can copy it from there.
I don't see a security issue here because the private key can't be generated from the public key.
Also this key is more a temporary key as I always generate a new one for a server. This key is used as first entry key for simplicity and then I replace it with the new one I have generated.
Do you see any security issue when sharing a public key?
I assume it's mostly a "Hey, you're giving me access to your server. Here's my public key to get access" kind of thing right? I assume there are other scenarios where you'd need to give out the public key?
I guess I was just under the impression that you would still treat both halves of the SSH key like a password. But I guess I've also never been in a place where I needed SSH access to something where I didn't have the generated keys from that machine already installed.
I guess I was just under the impression that you would still treat both halves of the SSH key like a password.
To be honest it's not possible for me to keep my public key private because I have access to so many different customer's servers.
That's the reason why I create a new key pair for almost every server.
So in most cases, especially when I'm not on my computer, it's just easier for me, to tell someone that she/he can find my public key on my website and I'll replace my key with the new one later.
What's the point of sharing your public SSH key?
That is a really good question, Jack! I added this because sometimes I don't have my key available. For example on my mobile phone. Then I either tell the one who needs it that she/he can copy it from there.
I don't see a security issue here because the private key can't be generated from the public key.
Also this key is more a temporary key as I always generate a new one for a server. This key is used as first entry key for simplicity and then I replace it with the new one I have generated.
Do you see any security issue when sharing a public key?
Good point, actually. You give away your public key to some other parties anyway, and you cannot trust them. So yeah, it's a good idea :)
I assume it's mostly a "Hey, you're giving me access to your server. Here's my public key to get access" kind of thing right? I assume there are other scenarios where you'd need to give out the public key?
I can't think of any. I guess even if there are, they fall into 1% of the cases.
Look what I've found: security.stackexchange.com/questio...
I guess I was just under the impression that you would still treat both halves of the SSH key like a password. But I guess I've also never been in a place where I needed SSH access to something where I didn't have the generated keys from that machine already installed.
To be honest it's not possible for me to keep my public key private because I have access to so many different customer's servers.
That's the reason why I create a new key pair for almost every server.
So in most cases, especially when I'm not on my computer, it's just easier for me, to tell someone that she/he can find my public key on my website and I'll replace my key with the new one later.
Ahh.. Ya, that definitely makes sense. Thanks for sharing the insight!