Recipe 17.5. Using Multiple Key Pairs
| < Day Day Up > |
17.5.1 ProblemYou would like to generate separate sets of keys for accessing different hosts, or different types of accounts. For example, you would like one SSH key for administering an FTP server, and a different one for accessing your private user accounts. 17.5.2 SolutionYou can name your key pairs anything you like with ssh-keygen. ssh-keygen will automatically append .pub to the public key. Always create a passphrase! akkana@windbag:$ ssh-keygen -t rsa -f /home/akkana/.ssh/ftp_key Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/akkana/.ssh/ftp_key. Your public key has been saved in /home/akkana/.ssh/ftp_key.pub. The key fingerprint is: 95:d2:12:55:66:ba:ec:a8:5c:40:4b:1e:03:2b:6c:ea akkana@windbag akkana@windbag:~$When you create a key pair with non-default names, you need to enter the private key name in ~/.ssh/ssh_config. If this file does not exist, create it, and make an entry like this: IdentityFile ~/.ssh/ftp_key 17.5.3 DiscussionThere should be a copy of the default ssh_config in /etc/ssh. When you make changes, the simplest method is to append your options to the end of the file. ssh_config is for both user-specific configurations and system-wide client options. Creating and storing a copy in a user's home directory configures user-specific options. 17.5.4 See Also
|
| < Day Day Up > |
