DEV Community

Discussion on: How to Manage Multiple SSH Key Pairs

Collapse
 
mcartoixa profile image
Mac

Very useful article: everybody has a use of a reference on how to create and configure private keys. 👍🏻

The only thing I don't understand is: what angle of attack would require the use of different keys for every account? It seems to me that one key by device is enough:

  • the only practical means to get access to my private keys is to get access to my device.
  • if my keys are insecure (wrong algorithm, not enough bits) it will most probably affect all of them anyway.
  • if I lose my device I easily know what keys to deactivate on all my accounts.

Am I missing something ?

Collapse
 
josephmidura profile image
Joseph Midura • Edited

Thanks. I've had my private keys on one or more work computers in addition to my personal laptop. If the machine isn't mine, I want to be able to limit access to the key. I've also shared keys with others for team resources, which also makes multiple key management necessary.