Is it ok to share private key file between multiple computers/services

public-keyssh

So we all know how to use public key/private keys using SSH, etc. But what's the best way to use/reuse them? Should I keep them in a safe place forever? I mean, I needed a pair of keys for accessing GitHub. I created a pair from scratch and used that for some time to access GitHub. Then I formatted my HDD and lost that pair. Big deal, I created a new pair and configured GitHub to use my new pair. Or is it something that I don't want to lose?

I also needed a pair of public key/private keys to access our company systems. Our admin asked me for my public key and I generated a new pair and gave it to him. Is it generally better to create a new pair for access to different systems or is it better to have one pair and reuse it to access different systems? Similarly, is it better to create two different pairs and use one to access our companies systems from home and the other one to access the systems from work, or is it better to just have one pair and use it from both places?

Best Answer

You should definitely have separate private keys per origin. Basically that means there should generally be a single copy of each private key (not counting backups). It's ok to use the same private key from closely related machine, in situations where breaking into one basically gives you access to the other (for example if they're in each other's shosts.equiv). Don't use the same private key on machines in different realms (e.g. home and work), never share a private key between two users, and never share a private key between a laptop and any other machine.

For the most part, I don't see the point in having different private keys for different destinations. If a private key is compromised, all other private keys stored in the same directory will surely be compromised as well, so there would be added complication for no security benefit.

If you follow these principles, each key pair identifies one (machine, user) pair, which makes authorization management easier.

I can think of two exceptions to the general rule of a single private key per origin:

  • If you have a passwordless key that gives access only to a specific command on a specific machine (e.g. an automated backup or notification mechanism), that key must be different from the general shell access key.
  • If some machines are intermittently connected, you might have an old private key alongside a new private key, until you get around to finish deploying the new key.
Related Question