I couldn’t find any basic info for designers (on a Mac) for how SSH keys work – so thought I’d ask them here.
If I want to connect my work workstation to:
- GitHub
- A DEV server
- A LIVE server
Do I generate one ssh key on the workstation and add it to all those servers or do I generate multiple keys – one for each server?
Once I’ve generated a key (or keys), do I copy it into the id_rsa file in my user account on that server (I realize I may have to create the id_rsa file)?
And if I now want to access the same server but from my home laptop, do I add the laptop’s ssh key to the same id_rsa file on the server or do I create a new file?
If I need to create a new file, does it matter what the file is called – laptop_rsa?
I basically want to disable root login on my servers but I don’t really understand how SSH applies to multiple machines and multiple servers.
Any help or pointers in the right direction would be much appreciated.
Cheers
You only need one key for the local machine that you are connecting to all three servers.
For the DEV server and the LIVE server, you can add the contents of your id_rsa.pub file to the authorized_keys file on each of the target servers. This file will be in the ~/.ssh directory. You will need to create the file if it’s not there (touch). Adding your public key to this file ~/.ssh/authorized_keys will let you login with your passphrase rather than a password.
Place all authorized keys (i.e. your laptop’s id_rsa.pub) in the same authorized_keys file on the target server.
Adding your keys to authorized_keys doesn’t affect root login (that is a separate setting); however, it will prevent people from attempting to brute-force your password if you then turn off password login.
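
The steps in the answer above, as an added shell example that is not part of the original post: it appends a public key to authorized_keys one key per line, refuses a private key such as id_rsa, and sets the permissions sshd's default StrictModes check expects. The function name add_authorized_key, the scratch directory and the sample key strings are constructed for illustration.

```shell
# Append a PUBLIC key (id_rsa.pub) to <ssh_dir>/authorized_keys, idempotently.
# Usage: add_authorized_key <pubkey_file> [ssh_dir]   (ssh_dir defaults to ~/.ssh)
add_authorized_key() {
    local pub="$1" dir="${2:-$HOME/.ssh}" line
    local auth="$dir/authorized_keys"
    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 2; }
    # The private key (id_rsa) stays on the client; only the .pub file goes to a server.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub is a private key; use the .pub file" >&2
        return 3
    fi
    # First non-empty line; a public key line is "type base64 [comment]".
    line=$(grep -m1 -v '^[[:space:]]*$' "$pub" || true)
    case "$line" in
        ssh-*\ *|ecdsa-*\ *|sk-*\ *) ;;
        *) echo "refusing: $pub does not look like a public key" >&2; return 4 ;;
    esac
    # sshd ignores the file if the directory or file is writable by others.
    mkdir -p "$dir" && chmod 700 "$dir"
    touch "$auth" && chmod 600 "$auth"
    # Make sure the existing file ends with a newline before appending.
    if [ -s "$auth" ] && [ -n "$(tail -c1 "$auth")" ]; then echo >> "$auth"; fi
    # Skip the append if this exact key line is already present.
    grep -qxF -- "$line" "$auth" && return 0
    printf '%s\n' "$line" >> "$auth"
}

# Constructed sample data (not real keys) in a scratch directory standing in
# for the server account's ~/.ssh.
demo=$(mktemp -d)
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDWORKSTATION me@workstation' > "$demo/workstation.pub"
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDLAPTOP me@laptop' > "$demo/laptop.pub"
echo '-----BEGIN OPENSSH PRIVATE KEY-----' > "$demo/id_rsa"
add_authorized_key "$demo/workstation.pub" "$demo/server_ssh"
add_authorized_key "$demo/laptop.pub" "$demo/server_ssh"        # second machine, same file
add_authorized_key "$demo/workstation.pub" "$demo/server_ssh"   # already present, no duplicate
add_authorized_key "$demo/id_rsa" "$demo/server_ssh" || echo "private key rejected"
cat "$demo/server_ssh/authorized_keys"
```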