    SSH Key Best Practices

    • stacksofplates

      Is it best practice to use one key for multiple servers or to use one key per server?

      • DustinB3403

        1 key per server.

        If any server is compromised otherwise, you'd only have to generate a new key, and fix the security holes with that server.

        Alternatively, if you shared a key between several servers and that key is compromised, you have to create and redistribute that key out and fix the security holes on every server.

        • scottalanmiller

          It is standard for there to be a new key generated for each 'from' server and to share it to many other servers. The key infrastructure is one to many. The private key should exist in just one place while the public would exist in many places.

          • AVI-NetworkGuy

            Decent guide for this from NIST:

            http://csrc.nist.gov/publications/drafts/nistir-7966/nistir_7966_draft.pdf

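
The one-to-many layout scottalanmiller describes, and the rotation scope DustinB3403 raises, can both be checked with an inventory of which public keys each server trusts. The following is an added example, not part of the thread: it fingerprints `authorized_keys` entries the way OpenSSH does (SHA256 of the decoded key blob) and maps each key to the servers that accept it. The hostnames, key material and helper names are constructed for illustration.

```python
import base64
import binascii
import hashlib
import struct
from collections import defaultdict

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style SHA256 fingerprint of a decoded public key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_keys(text: str):
    """Yield (fingerprint, comment) for each key line in authorized_keys text."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # Options may precede the key type, so look for the "type base64" pair
        # whose decoded blob begins with the length-prefixed type name.
        for i in range(len(fields) - 1):
            try:
                blob = base64.b64decode(fields[i + 1], validate=True)
            except (binascii.Error, ValueError):
                continue
            name = fields[i].encode()
            if blob.startswith(struct.pack(">I", len(name)) + name):
                yield fingerprint(blob), " ".join(fields[i + 2:])
                break

def key_inventory(hosts: dict) -> dict:
    """Map each key fingerprint to the sorted list of servers that trust it."""
    inv = defaultdict(set)
    for host, text in hosts.items():
        for fp, _comment in parse_keys(text):
            inv[fp].add(host)
    return {fp: sorted(servers) for fp, servers in inv.items()}

def make_line(seed: bytes, comment: str, options: str = "") -> str:
    """Build a constructed ssh-ed25519 line (dummy key material, not a real key)."""
    name = b"ssh-ed25519"
    key = hashlib.sha256(seed).digest()
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(key)) + key
    return f"{options} ssh-ed25519 {base64.b64encode(blob).decode()} {comment}".strip()

# Constructed sample data: hostnames and keys are hypothetical.
ADMIN = make_line(b"admin-laptop", "admin@laptop")
BACKUP = make_line(b"backup-host", "backup@bkp01", 'command="rsync --server",no-pty')
SAMPLE = {"web01": f"# managed file\n{ADMIN}\n{BACKUP}\n", "db01": f"{ADMIN}\n", "bkp01": "\n"}

if __name__ == "__main__":
    for fp, servers in key_inventory(SAMPLE).items():
        print(fp, "->", ", ".join(servers))
```

Each fingerprint's server list is the set of hosts whose `authorized_keys` must be updated if the matching private key has to be replaced.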