LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-06-2014, 04:18 PM   #1
Ryanms3030
Member
 
Registered: Jan 2014
Distribution: Debian, Mint, CentOS, Ubuntu
Posts: 261

Rep: Reputation: Disabled
Managing multiple RSA ssh key sets?


I have just started moving to using RSA keys for my ssh authentications instead of passwords. I have one cloud based server, one local server and two vm servers on my local. I log into them from 3 different clients (laptop, work computer and my phone).

I want to make sure I have all the right keys in the right places so I can disable password logins all together. I started making keys and testing and copied them to back them up but I was stupid and didn't label them in a way that I know which pair goes with which server.

Can I just recreate the keys and copy the new key to my servers and over write the existing keys? Or if not is it ok to have multiple public keys on the servers?

I'm trying to set this all up without locking myself out (especially on the cloud where I can't get in front of the machine)
 
Old 03-06-2014, 04:35 PM   #2
Habitual
LQ Addict
 
Registered: Jan 2011
Posts: 8,563
Blog Entries: 13

Rep: Reputation: Disabled
I make directories under .ssh and stick all my client keyfiles there in a directory for each, one per client.
I make heavy use of aliases that do all the typing for me.
Code:
alias grid1='ssh -i /home/jj/.ssh/c9/c9grids [email]user@ipa.ddr.ess'
I know this all can be simplified in an ~/.ssh/config file, I just haven't taken the time to do so.

Quote:
Originally Posted by Ryanms3030 View Post
Can I just recreate the keys and copy the new key to my servers and over write the existing keys? Or if not is it ok to have multiple public keys on the servers?
naw, you can just copy the contents of your main key.pub (or the one you just made) to any server you want to access. Or... copy the contents of say, /root/authorzed_keys (or keys2) to any server you wish access to.

Fire away!

Last edited by Habitual; 03-06-2014 at 04:37 PM.
 
Old 03-06-2014, 04:53 PM   #3
Ryanms3030
Member
 
Registered: Jan 2014
Distribution: Debian, Mint, CentOS, Ubuntu
Posts: 261

Original Poster
Rep: Reputation: Disabled
Thanks again!
 
Old 03-07-2014, 08:11 AM   #4
Habitual
LQ Addict
 
Registered: Jan 2011
Posts: 8,563
Blog Entries: 13

Rep: Reputation: Disabled
Quote:
Originally Posted by Ryanms3030 View Post
Thanks again!
You're very welcome!

Here's how I "organize" some of my dozens of aliases and their keys:
Code:
source /home/jj/.ssh/c9/c9.hosts
source /home/jj/.ssh/c9/amn.hosts
source /home/jj/.ssh/c9/savvis.hosts
source /home/jj/.ssh/c9/dataworks.hosts
source /home/jj/.ssh/c9/lavoult.hosts
source /home/jj/.ssh/c9/Enkantika.hosts
in my ~/.bashrc
each of those .hosts file has the client's hosts' aliases in them, eg:
Code:
cat /home/jj/.ssh/c9/lavoult.hosts
alias lvlb01="ssh -i /home/jj/.ssh/LaVoult/matt_root_c9 root@123.456.xxx.xxx"
alias lvgtwy01="ssh -i /home/jj/.ssh/LaVoult/matt_root_c9 root@123.456.xxx.xxx"
alias lvweb01="ssh -i /home/jj/.ssh/LaVoult/matt_root_c9 root@123.456.xxx.xxx"
alias lvdb01="ssh -i /home/jj/.ssh/LaVoult/matt_root_c9 root@123.456.xxx.xxx"
alias lvweb01a="ssh -i /home/jj/.ssh/LaVoult/matt_root_c9 root@123.456.xxx.xxx"
One of the benefits I found for this method is I don't have to go digging if I need to change one host entry, I know it's in a .hosts file on my system. A simple edit and reload .bashrc and I'm good.

Hope that helps.
 
Old 03-07-2014, 09:28 AM   #5
grim76
Member
 
Registered: Jun 2007
Distribution: Debian, SLES, Ubuntu
Posts: 308

Rep: Reputation: 50
You can also use a file named config in your .ssh location. I use that to specify settings and keys for some of the environments that I manage.
 
Old 03-07-2014, 11:13 AM   #6
Habitual
LQ Addict
 
Registered: Jan 2011
Posts: 8,563
Blog Entries: 13

Rep: Reputation: Disabled
Quote:
Originally Posted by grim76 View Post
You can also use a file named config in your .ssh location. I use that to specify settings and keys for some of the environments that I manage.
I knew of this method and could be using it, but I'm a stick in the mud!
 
Old 03-07-2014, 01:41 PM   #7
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora
Posts: 2,630

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
i personally use the config file in my ~/.ssh/ directory for this type of work as grim76 pointed out. read up on some of the links i have in my sig.
 
Old 03-07-2014, 04:18 PM   #8
Ryanms3030
Member
 
Registered: Jan 2014
Distribution: Debian, Mint, CentOS, Ubuntu
Posts: 261

Original Poster
Rep: Reputation: Disabled
So I have this figured out from Linux client but I am also trying to set it up from a Win client with Putty. I have followed a couple of different tutorials such as this (they all had the same basic steps)

https://www.digitalocean.com/communi...nnect-to-a-vps

But I can't connect from Putty unless I log in with user/pass. In putty after setting up the keys when I click ok to connect nothing happens.
 
Old 03-07-2014, 07:32 PM   #9
Ryanms3030
Member
 
Registered: Jan 2014
Distribution: Debian, Mint, CentOS, Ubuntu
Posts: 261

Original Poster
Rep: Reputation: Disabled
Disregard my last post , I was being stupid. I forgot to the host name in the Putty session screen. I thought I had it saved to a session but guess not. I have it all working now. Thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Putty/SSH login failed when using RSA public key: 'Server refused our key' itsecx@gmail.com Linux - Server 10 10-04-2010 01:19 PM
Possible to have multiple SSH accounts & clients using the same RSA key on server?? a2brute Linux - Server 2 03-31-2008 12:25 PM
SSH rsa key PB0711 Linux - Security 3 09-10-2006 03:57 PM
SSH RSA key problem taiwf Linux - General 3 05-21-2006 09:33 PM
ssh RSA key thanat0s Linux - Security 3 09-29-2003 09:51 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:47 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration