Duplicate/unique SSH key-pairs for multiple clients?
Tom Buskey
tbuskey at gmail.com
Fri Apr 8 08:45:01 EDT 2005
On Apr 7, 2005 3:05 PM, Ted Roche <tedroche at tedroche.com> wrote:
> question: should I copy my public/private key-pair from the desktop to
> matching directories on the laptops? I'm not inclined to, because of
> the greater risk of the laptops being stolen while I'm on the road.
> Physical possession of the device would let anyone with Knoppix read
> the directories and lift my keys. So, I'm thinking that I need separate
> sets of keys on each machine so that if one is lost, I can remove the
> public key from all of the remote machines.
>
> It seems that I have to duplicate my work on each machine, a fairly
> trivial task of key generation and then distribution to each server. Is
> there a better way?
Encrypted filesystems can help. A long passphrase will provide better
protection (you are using a passphrase in this case?).
If you don't want to encrypt your whole $HOME, how about a floppy or
USB key that you carry with you and keep encrypted with the keys on
it?
More information about the gnhlug-discuss
mailing list