Question
I'm doing some work with a company outside of my school, and they need my public ssh key.
I already have my public ssh key generated for use with github. I set this up some time ago, and if I open the id_rsa.pub file, I see it has my school email address embedded inside.
Now I'm wondering if it's typical to reuse this one key with every company you work with, or do you generate a new one for every company. I guess I have a few considerations:
- If I use the same public key with each company, and my private key were compromised, I'd need to give each company a new public key.
- My school email address appears in my current public key. I'm not sure why this is actually, but I don't think your email has anything to do with the key (or does it?).
- If I did generate a different key pair for each company I work with, I'm not sure how I'd practically switch between them when working with different companies (say via github).
My understanding is a bit weak here, any clarifications would be really helpful.
Thanks
Answer 1:
Your question has been asked (and well-answered!) on security.stackexchange.com: https://security.stackexchange.com/questions/10203/reusing-private-public-keys
The long and short of it is that yes, you may re-use your public key for multiple accounts, but your first consideration is a little underweight; if your private key were compromised, all of your accounts would be compromised. If the various accounts have different expectations of security, you might want to consider using different key pairs.
Your email address associated with your key is for identification purposes. It has to do with the key in that it is IN the key, but it does not impact the functionality of the key.
If you did generate a different key pair, you can tie different keys to different hosts via ~/.ssh/config. Instructions to do so should be pretty easy to find.
Source: https://stackoverflow.com/questions/24563677/best-practice-for-using-ssh-key-pair-with-different-groups
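The per-host key selection via ~/.ssh/config that the answer mentions, as an added example that is not part of the original question or answer: it writes one Host alias per organisation, checks which key each alias selects, and shows that the e-mail in a .pub file is only a comment field. The aliases, key file names, addresses and helper function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: per-organisation keys selected through an ssh config file.
# Aliases, file names and addresses below are constructed placeholders.
# Each key would be created with, e.g.:
#   ssh-keygen -t ed25519 -C "label" -f ~/.ssh/id_ed25519_companya

# Append a Host block binding <alias> to <hostname> and one private key.
# IdentitiesOnly stops ssh from offering other keys held by the agent.
add_host() {  # add_host <config> <alias> <hostname> <keyfile>
    if [ -f "$1" ] && grep -qx "Host $2" "$1"; then
        echo "alias $2 already present in $1" >&2
        return 1
    fi
    cat >>"$1" <<EOF
Host $2
    HostName $3
    User git
    IdentityFile $4
    IdentitiesOnly yes

EOF
    chmod 600 "$1"
}

# Print the IdentityFile configured for an exact alias (no wildcard support).
identity_for() {  # identity_for <config> <alias>
    awk -v a="$2" '
        $1 == "Host"                   { active = ($2 == a) }
        active && $1 == "IdentityFile" { print $2; exit }' "$1"
}

# Print the comment of a public key line: everything after "<type> <base64>".
# It is a free-text label and can be changed without touching the key.
key_comment() {  # key_comment <pubkey-line>
    printf '%s\n' "$1" | awk '{ $1 = ""; $2 = ""; sub(/^ +/, ""); print }'
}

# Demo in a scratch directory so the real ~/.ssh is left untouched.
demo_dir=$(mktemp -d)
cfg="$demo_dir/config"
add_host "$cfg" github-school   github.com "~/.ssh/id_ed25519_school"
add_host "$cfg" github-companya github.com "~/.ssh/id_ed25519_companya"
cat "$cfg"
# Remote URLs then name the alias, e.g. git@github-companya:org/repo.git
key_comment "ssh-ed25519 AAAAconstructedkeydata student@school.example"
```

Running `ssh -G github-companya` against the real config prints the options OpenSSH would apply for that alias, which confirms the intended IdentityFile is selected.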