Sharing SSH Keys to login?


Solution 1

SSH keys have two parts, the secret/private key (usually in ~/.ssh/id_rsa), and the public key (~/.ssh/id_rsa.pub). The secret key can be used to prove who you are (or at least that you hold that secret key), and the public key can be used to check the secret key.

You never pass the secret key to any other party, as that would give them the ability to impersonate you.

Which public key you install (or send to be installed) on the remote server is up to you: it depends on which private key you want to use to log in there.

If you have a private key on your MacBook and want to log in using that, then send the public key corresponding to that. That's probably the one in your first server's authorized_keys or in your Mac's id_rsa.pub. If you want to log in from the first server, then send the public key of that server's key, the one in that machine's id_rsa.pub.

If you want to log in using both keys, you'll need to arrange both in the authorized_keys on the target server.


If you wanted to, you could create multiple private keys on the same system and use different ones for different remote systems. That just requires a bit of bookkeeping to know which key you used where, and some configuration of the SSH client so that it knows to try to use all of the keys. (If you have lots of keys, you may need to configure it per-host.)


Passing the public key (id_rsa.pub) to a third party is no risk. It's in fact exactly what you need to do to allow them to identify you by your private key.

Solution 2

The .pub in the filename id_rsa.pub indicates that it is a public key, which is fine to share with anyone managing a remote machine you want to access via ssh. The corresponding private key, which should not be shared, is id_rsa.

By adding your id_rsa.pub in a remote ~/.ssh/authorized_keys, the administrator of the remote machine is authorizing anyone with access to the private key id_rsa to connect. When you are asked for a public key to share, the administrator of the remote machine will expect a something.pub file.

Solution 3

authorized_keys contains all the public keys which you put on the server you want to connect to. The id_rsa.pub is the file containing a single public key created when you generated a key pair.

If you are acting as a client to the service then you would supply them with a public key. Whether you use an existing public key (and therefore which one if you have multiple) or create a new key pair is not something we can answer - but an important consideration is where you will be connecting from - you don't want to be scattering important private keys across lots of different servers.
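A pre-send check for the rule the answers above agree on (only the public half leaves your machine), written as an added example that is not part of the original answers. The function name and the sample key strings are constructed for illustration; it handles the plain `type base64 [comment]` layout of a `.pub` file, not `authorized_keys` lines that begin with options.

```python
import base64
import struct

def classify_key_text(text):
    """Return 'private', 'public' or 'unknown' for the contents of a key file."""
    # Every PEM-style private key (OpenSSH, RSA, EC, PKCS#8) carries this marker.
    if "PRIVATE KEY-----" in text:
        return "private"
    lines = [l for l in text.splitlines()
             if l.strip() and not l.lstrip().startswith("#")]
    if lines and all(_is_public_line(l) for l in lines):
        return "public"
    return "unknown"

def _is_public_line(line):
    """True if the line is '<type> <base64> [comment]' with a consistent blob."""
    fields = line.split()
    if len(fields) < 2:
        return False
    try:
        blob = base64.b64decode(fields[1], validate=True)
    except ValueError:  # binascii.Error is a subclass of ValueError
        return False
    if len(blob) < 4:
        return False
    # The blob starts with a 4-byte big-endian length followed by the
    # algorithm name, which must match the name written in front of it.
    (name_len,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + name_len] == fields[0].encode()

def constructed_pub(key_type=b"ssh-ed25519"):
    """Build a syntactically valid public key line (all-zero key, not a real key)."""
    blob = (struct.pack(">I", len(key_type)) + key_type
            + struct.pack(">I", 32) + bytes(32))
    return key_type.decode() + " " + base64.b64encode(blob).decode() + " user@example"

# Constructed sample inputs: the private "key" is only a header and footer.
SAMPLE_PUB = constructed_pub()
SAMPLE_PRIV = ("-----BEGIN OPENSSH PRIVATE KEY-----\nCONSTRUCTED\n"
               "-----END OPENSSH PRIVATE KEY-----\n")
# A line whose declared type disagrees with the type inside the blob.
SAMPLE_MISMATCH = "ssh-rsa " + SAMPLE_PUB.split()[1]

if __name__ == "__main__":
    for name, text in [("id_rsa.pub", SAMPLE_PUB), ("id_rsa", SAMPLE_PRIV),
                       ("mismatch", SAMPLE_MISMATCH)]:
        print(name, "->", classify_key_text(text))
```

Send a file only when the result is `public`; `private` or `unknown` means stop and look at what you are about to attach.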

Admin
Author by

Admin

Updated on September 18, 2022

Comments

  • Admin
    Admin over 1 year

    I am a little bit lost or confused.

    1. I have some secure servers where, inside ~/.ssh/authorized_keys, I have a key to remotely log in to those servers from my desktop (MacBook).

    2. Now that secure server needs to SFTP/SCP to some third-party servers.

    They provided me an SSH IP, username and password, but I need to log in with a key. They asked me to share a key.

    Now I am confused about which key I have to share with them: id_rsa.pub or the key from ~/.ssh/authorized_keys?

    NOTE: If I share my id_rsa.pub key with the third party, can they use it to hack my secured servers in point 1?

  • Admin
    Admin almost 6 years
    Instead of me creating one, can't they create a key for me? And give me a key?
  • Admin
    Admin almost 6 years
    (I don't want to give any key, to avoid confusion.) I want them to provide me a username, password and key. I use that key to log in on their site?
  • jayeshkh007
    jayeshkh007 almost 6 years
    Yeah, that's also possible.
  • Admin
    Admin almost 6 years
    What do I ask them, then? (I am confused, and if by confusion I share my keys and later they hack my servers, I will be shooting myself, so for me it's safe that they provide the keys, not me.)
  • user4556274
    user4556274 almost 6 years
    No, you do not want to ask them for username, password, and key. This defeats the ssh security model. You always create your keys, protect the private half, and provide the public half which you have generated to the remote administrator.
  • jayeshkh007
    jayeshkh007 almost 6 years
    I would suggest you create a new user with specific rights on the server, create a key for that user, and share it with the third-party user. This is the safe way.
  • Admin
    Admin almost 6 years
    OK!!!! That means I can safely share my id_rsa.pub key, because nobody has my id_rsa private key.
  • Doktor J
    Doktor J almost 6 years
    @YumYumYum in the context of your question, yes they are asking you to share the id_rsa.pub key (for installation on their server), and there is no risk from doing so. The private id_rsa part is the part that should never be shared.