Bureaucrats, cc_docs_admin, cc_staff
2,879
edits
SSH Keys: Difference between revisions
warn non-default key names require -i
No edit summary |
(warn non-default key names require -i) |
||
| Line 194: | Line 194: | ||
* Do not copy your private key to a remote system. Your private key should not leave your workstation! | * Do not copy your private key to a remote system. Your private key should not leave your workstation! | ||
* If you have several laptops, you can create dedicated SSH key pairs for each of them. | * If you have several laptops, you can create dedicated SSH key pairs for each of them. | ||
* | * If you have several pairs, you may wish to name the keys. For example, <code>Laptop_RSA4096</code>. | ||
* Use < | ** If you name a key you must use the <code>-i</code> option to specify the key name when logging in, like this: <code>ssh -i Laptop_RSA4096 username@host</code> | ||
* If you use agent forwarding, use < | * Use <code>ssh-agent</code> to make encrypted keys convenient. | ||
* If you use agent forwarding, use <code>ssh-askpass</code> too. | |||
* Apply [[SSH_Keys#SSH_key_constraints| constraints]] to your public key to limit its scope. | * Apply [[SSH_Keys#SSH_key_constraints| constraints]] to your public key to limit its scope. | ||