ssh: is there any issue with adding my personal public key to authorized_keys?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
There is less than 2 hours left to vote in the 2015 LinuxQuestions.org Members Choice Awards. Click here to go to the polls. Vote now and make sure your voice is heard!
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
This would enable you to connect to your computer remotely when you are away. You could keep your keys on a pendrive. It would be much better to produce a second set of keys for this purpose however. Also use a strong passphrase. This would be a better idea. If you were to loose your pendrive, or you think that your keys may have remained on someone elses computer, you can remove your portable key from the authorized key list and generate new ones.
The passphrase protects the private key on the client. The public key matches the private key on the client, so your question also implies using the same key pair on more than one system. There would be no advantage to this even if both computers are on your own lan. If one is compromised the other would be.
Well, I asked in general but, specifically to me. I'm not worried about carrying my keypair around on a keychain because it's just for accessing my two computers. If I lose my keychain I can very quickly regenerate new keys without major inconvenience. I'd just like to be able to make copies of my home directory on one computer to the other, and have them be able to access each other, without having to setup separate backup rules for the .ssh directory.
I'm not sure about the relative security implications, but if what you want to do is to keep two copies of your home directory on other machines, then have you considered simply mounting the /home directory across the network? You could even use fuse/sshfs to access your home directory over SSH.
Of course, that will only work if one machine is always up and the other is always on the same network.
Well, we're getting beyond the scope of this thread. But I don't really want to get into the sshfs idea because it complicates the boot process. In addition, the main reason for the two copies are for backup. The secondary home directory is on my grandfather's computer in another town. But it's also useful to have my home dir there because I use his computer frequently.
I think I will just keep my keypair on each computer. I don't think there are any major security implications. If his computer is compromised chances are it will be by a burglar unaware of what my keypair even is and I will have more than enough time to make a new one.
You need to worry about your Grandfather's computer being compromised on line as well. What is so hard about having a key pair for each computer? You could use the same pass phrase for both private keys, and copy the public key from each one to the authorized_keys file of the other.